This is a summary of the AI-generated 10-question deep analysis.
Q1. What is this vulnerability? (Essence + Consequences)
**Essence**: Apache Shiro before 1.9.1 contains a flaw in which a `RegexRequestMatcher` can be misconfigured so that it is bypassed on certain servlet containers. **Consequences**: Authorization bypass. …
**Root Cause**: CWE-863 (Incorrect Authorization). The core flaw lies in how `RegExPatternMatcher` performs request matching: it permits a configuration that lets requests slip past the intended path filter, which leads to an authorization bypass.
Q3. Who is affected? (Versions/Components)
**Vendor**: Apache Software Foundation. **Product**: Apache Shiro. **Version**: All versions **prior to 1.9.1**. If you are running 1.9.0 or lower, you are at risk!
Q4. What can hackers do? (Privileges/Data)
**Attacker Capabilities**: Bypass token/header verification. **Access**: Gain unauthorized access to interfaces (e.g., `/permit/*`). **Privilege**: Access data or functions meant only for authenticated users.
Q5. Is the exploitation threshold high? (Auth/Config)
**Threshold**: Medium. **Config**: Requires a specific setup using `RegExPatternMatcher`. **Auth**: Often involves bypassing token header checks. If the developer uses regex matching incorrectly, the door is open.
Q6. Is there a public exploit? (PoC/Wild Exploitation)
**Public Exploit?**: YES. **PoC**: Available on GitHub (e.g., `Lay0us1/CVE-2022-32532`). **Note**: The PoC shows one condition, but the vulnerability exists whenever `RegExPatternMatcher` is used improperly.
Q7. How to self-check? (Features/Scanning)
**Self-Check**: Scan for Apache Shiro versions < 1.9.1. **Code Review**: Look for usage of `RegExPatternMatcher` or `RegexRequestMatcher`. …
**Urgency**: HIGH. **Date**: Published June 2022. **Risk**: Easy to exploit if regex matching is misconfigured. **Action**: Patch ASAP or implement strict workarounds. Don't ignore this!