Skip to content

CVE-2021-29441 - Alibaba Nacos Authentication Bypass#21646

Open
K3ysTr0K3R wants to merge 2 commits into
rapid7:masterfrom
K3ysTr0K3R:cve-2021-29441-nacos-auth-bypass
Open

CVE-2021-29441 - Alibaba Nacos Authentication Bypass#21646
K3ysTr0K3R wants to merge 2 commits into
rapid7:masterfrom
K3ysTr0K3R:cve-2021-29441-nacos-auth-bypass

Conversation

@K3ysTr0K3R

Copy link
Copy Markdown

This PR adds a new module for CVE-2021-29441, which exploits an authentication bypass vulnerability in Alibaba Nacos. The flaw allows unauthenticated users to create their own credentials to log into the admin panel.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

Status: Todo

Development

Successfully merging this pull request may close these issues.

2 participants