Exploit for Missing Authentication for Critical Function in Apache Apisix Dashboard CVE-2021-45232

Name: Exploit for Missing Authentication for Critical Function in Apache Apisix Dashboard CVE-2021-45232
Rating: 5 (279 reviews)

2022-01-05 | CVSS 7.5

## https://sploitus.com/exploit?id=6732505C-AA2B-5FFA-9683-662BEE86798A
# Apache APISIX Dashboard RCE

```bash
usage: [-h] [-u URL] [-p PORT] [-c CMD]

optional arguments:
  -h, --help            show this help message and exit
  -u URL, --url URL     target url (e.g: http://127.0.0.1:9000)
  -p PORT, --port PORT  apisix management port (default: 9080)
  -c CMD, --cmd CMD     command (default: ifconfig)
```
![](./2022-01-05_16-57-21.png)

# reference

https://github.com/wuppp/cve-2021-45232-exp