Skip to content
Nuclei Templates

Apache ShenYu Admin Unauth Access

ID: CVE-2022-23944

Severity: critical

Author: cckuakilong

Tags: cve,cve2022,shenyu,unauth,apache

Description

Section titled “Description”

Apache ShenYu suffers from an unauthorized access vulnerability where a user can access /plugin api without authentication. This issue affected Apache ShenYu 2.4.0 and 2.4.1.

YAML Source

Section titled “YAML Source”
id: CVE-2022-23944


info:
  name: Apache ShenYu Admin Unauth Access
  author: cckuakilong
  severity: critical
  description: Apache ShenYu suffers from an unauthorized access vulnerability where a user can access /plugin api without authentication. This issue affected Apache ShenYu 2.4.0 and 2.4.1.
  impact: |
    Successful exploitation of this vulnerability can lead to unauthorized access to sensitive information and potential compromise of the Apache ShenYu admin panel.
  remediation: Upgrade to Apache ShenYu (incubating) 2.4.2 or apply the appropriate patch.
  reference:
    - https://github.com/apache/incubator-shenyu/pull/2462
    - https://nvd.nist.gov/vuln/detail/CVE-2022-23944
    - https://github.com/cckuailong/reapoc/blob/main/2022/CVE-2022-23944/vultarget/README.md
    - https://lists.apache.org/thread/dbrjnnlrf80dr0f92k5r2ysfvf1kr67y
    - http://www.openwall.com/lists/oss-security/2022/01/25/15
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
    cvss-score: 9.1
    cve-id: CVE-2022-23944
    cwe-id: CWE-306,CWE-862
    epss-score: 0.45887
    epss-percentile: 0.97086
    cpe: cpe:2.3:a:apache:shenyu:2.4.0:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: apache
    product: shenyu
  tags: cve,cve2022,shenyu,unauth,apache


http:
  - method: GET
    path:
      - "{{BaseURL}}/plugin"


    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '"message":"query success"'
          - '"code":200'
        condition: and


      - type: status
        status:
          - 200
# digest: 490a0046304402201b795978e9fb64f1925f06e4752ee7f00c076e4374612af550ffdecd05cbb7df022064542002e7d316d3492e72efc228010a03bbdc0d7cd6833cbd945732a218b535:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2022/CVE-2022-23944.yaml"

View on Github