Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-37580 PoC — Apache ShenYu Admin bypass JWT authentication

Source
https://github.com/ZororoZ/CVE-2021-37580
Associated Vulnerability
Title:Apache ShenYu Admin bypass JWT authentication (CVE-2021-37580)
Description:A flaw was found in Apache ShenYu Admin. The incorrect use of JWT in ShenyuAdminBootstrap allows an attacker to bypass authentication. This issue affected Apache ShenYu 2.3.0 and 2.4.0
Readme
# CVE-2021-37580

## 支持单独和批量验证CVE-2021-37580漏洞
### 单个url检测:
![image](https://user-images.githubusercontent.com/46238787/142592186-7026abd2-0a8e-4f91-99ac-1772c190b7d7.png)
### 文件批量验证:
![image](https://user-images.githubusercontent.com/46238787/142592762-f36fbfe7-59d9-426b-a3df-dc571599baef.png)
File Snapshot

 [4.0K]  /data/pocs/72e2e5f8b15556019a3c7d78fd348dd5b2eda6f4
├── [1.2K]  Apache ShenYu Admin authentication bypass vulnerability_Poc.py
└── [ 343]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →