Forums
- Recent Posts
- Forum Rules
Downloads
- Most Active Uploaders
- Latest Reviews
Wiki

Your name or email address:

Password:: Forgot your password?

Stay logged in

: Log in with Facebook
: Log in with Twitter
: Log in with Google

Menu
Forums
Forums

Quick Links
- Recent Posts
- Forum Rules
Downloads
Downloads

Quick Links
- Most Active Uploaders
- Latest Reviews
Wiki
Wiki

Quick Links
Menu

Log In
Sign up

Xiaopan Forums

> Support > News Aggregator >

Apache APISIX Remote Code Execution

Discussion in 'News Aggregator' started by Packet Storm, 8 Mar 2022.

Packet Storm Guest

Apache APISIX has a default, built-in API token that can be used to obtain full access of the admin API. Access to this API allows for remote LUA code execution through the script parameter added in the 2.x version. This module also leverages another vulnerability to bypass th e IP restriction plugin.

Continue reading...

#1 Packet Storm, 8 Mar 2022

(You must log in or sign up to post here.)

Show Ignored Content

Share This Page

Tweet

Loading...

Log in with Facebook
Log in with Twitter
Log in with Google

Your name or email address:

Do you already have an account?

No, create an account now.
Yes, my password is:
Forgot your password?

: Stay logged in

Xiaopan Forums

> Support > News Aggregator >

Toggle Width

Home
Help
Terms and Rules
Privacy Policy
Top

About Us

We are a community mixed with professionals and beginners with an interest in wireless security, auditing and pentesting. Feel free to check out and upload resources.

You can also find us on: Twitter and Facebook

Theme designed by ThemeHouse.

Xiaopan Forums

> Support > News Aggregator >