ID

VAR-202202-0171


CVE

CVE-2022-24112


TITLE

Apache Apisix Remote Code Execution Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2022-12799

DESCRIPTION

An attacker can abuse the batch-requests plugin to send requests that bypass the IP restriction of the Admin API. A default configuration of Apache APISIX (with the default Admin API key) is vulnerable to remote code execution. If the admin key was changed, or the Admin API was moved to a port different from the data plane, the impact is lower, but the attacker can still bypass IP restrictions enforced on Apache APISIX's data plane. The batch-requests plugin contains a check that overwrites the client IP with the real remote IP of the caller, but a bug in that code allows the check to be bypassed. Apache APISIX is a cloud-native microservice API gateway from the Apache Software Foundation. It is implemented on OpenResty and etcd, supports dynamic routing and hot loading of plugins, and is intended for API management in microservice systems. The vulnerability stems from the batch-requests plugin not effectively restricting what a user's batched sub-requests can do.
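To make the bypass class concrete, the following Python model is an added example written for this page; it is not APISIX code (the real plugin is Lua on OpenResty) and does not reproduce the exact defect in the project. The plugin issues every batched sub-request to the gateway itself, so the sub-request arrives from 127.0.0.1 and the original client's address has to be stamped into a real-IP header for any IP allow list to remain meaningful. The header name `x-real-ip`, the allow list `127.0.0.0/24`, the merge order in `merge_headers_vulnerable` and the sample attacker address are assumptions made for illustration.

```python
"""Added model of the batch-requests real-IP stamping (not APISIX code).

The vulnerable merge lets a caller-supplied header win over the stamp the
plugin applied; the hardened merge canonicalises header names and stamps
the real IP last. Header name, allow list and merge order are assumptions.
"""
import ipaddress

REAL_IP_HEADER = "x-real-ip"          # real-IP header name (assumption)
ADMIN_ALLOW_LIST = ("127.0.0.0/24",)  # loopback-only Admin API allow list (assumption)


def _canon(headers):
    """Lower-case header names so "X-Real-IP" and "x-real-ip" cannot coexist."""
    return {name.lower(): value for name, value in headers.items()}


def merge_headers_vulnerable(common, per_request, client_ip):
    """Stamps the real client IP, then layers per-request headers on top.

    The last write wins, so a sub-request carrying its own real-IP header
    replaces the stamp: this is the check-bypass class the advisory
    describes, modelled here rather than copied from the plugin.
    """
    headers = _canon(common)
    headers[REAL_IP_HEADER] = client_ip
    headers.update(_canon(per_request))
    return headers


def merge_headers_hardened(common, per_request, client_ip):
    """Merges caller headers first (canonicalised), then stamps the real IP last."""
    headers = _canon(common)
    headers.update(_canon(per_request))
    headers[REAL_IP_HEADER] = client_ip   # nothing the caller sent can override this
    return headers


def admin_api_allowed(headers, allow_list=ADMIN_ALLOW_LIST):
    """Model of the Admin API IP restriction as seen by the internal sub-request.

    The TCP peer is 127.0.0.1 (the plugin itself), so the check has to rely
    on the real-IP header; a forged value is the whole attack.
    """
    raw = headers.get(REAL_IP_HEADER)
    if raw is None:
        return False
    try:
        addr = ipaddress.ip_address(raw)
    except ValueError:
        return False
    return any(addr in ipaddress.ip_network(cidr) for cidr in allow_list)


# Constructed sample: an Internet client pipelines a sub-request aimed at
# the Admin API and smuggles a loopback real-IP header alongside it.
ATTACKER_IP = "203.0.113.5"
COMMON_HEADERS = {"Content-Type": "application/json"}
SUBREQUEST_HEADERS = {"X-Real-IP": "127.0.0.1"}


def demo():
    """Returns (allowed_with_vulnerable_merge, allowed_with_hardened_merge)."""
    vulnerable = merge_headers_vulnerable(COMMON_HEADERS, SUBREQUEST_HEADERS, ATTACKER_IP)
    hardened = merge_headers_hardened(COMMON_HEADERS, SUBREQUEST_HEADERS, ATTACKER_IP)
    return admin_api_allowed(vulnerable), admin_api_allowed(hardened)


if __name__ == "__main__":
    print(demo())  # (True, False)
```

The two defensive properties shown are independent: canonicalising header names stops two spellings of the same header from coexisting, and stamping the trusted value after all caller-controlled data has been merged stops a later write from winning. A fix that does only one of the two leaves the other path open.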

Trust: 1.53

sources: NVD: CVE-2022-24112 // CNVD: CNVD-2022-12799 // VULMON: CVE-2022-24112

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-12799

AFFECTED PRODUCTS

vendor: apache, model: apisix, scope: lt, version: 2.10.4

Trust: 1.6

vendor: apache, model: apisix, scope: lt, version: 2.12.1

Trust: 1.0

vendor: apache, model: apisix, scope: gte, version: 2.11.0

Trust: 1.0

vendor: apache, model: apisix, scope: gte, version: 2.11.0, <2.12.1

Trust: 0.6

sources: CNVD: CNVD-2022-12799 // NVD: CVE-2022-24112
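The affected ranges listed above, together with the mitigating settings named in the description (a changed admin key, the Admin API on a port separate from the data plane, the batch-requests plugin not loaded), can be checked mechanically. The audit below is an added example written for this page, not an APISIX tool. It takes the already-parsed contents of conf/config.yaml as a dict (for instance from `yaml.safe_load`) and assumes the 2.x key layout (`apisix.node_listen`, `apisix.port_admin`, `apisix.allow_admin`, `apisix.admin_key`, top-level `plugins`); the default admin key literal is the one shipped in the 2.x config-default.yaml. Both sample configs are constructed for the example.

```python
"""Added configuration audit for CVE-2022-24112 (example code, not an APISIX tool).

Input is the parsed conf/config.yaml as a dict; the 2.x key layout and the
shipped default admin key are assumptions stated in the lead-in.
"""
import ipaddress

DEFAULT_ADMIN_KEY = "edd1c9f034335f136f87ad84b625c8f1"  # shipped in 2.x config-default.yaml
DEFAULT_DATA_PORT = 9080                                # node_listen default in 2.x


def parse_version(text):
    """'2.12.0' -> (2, 12, 0); ignores a pre-release suffix such as '-rc1'."""
    return tuple(int(part) for part in text.split("-")[0].split("."))


def is_affected(version):
    """Affected: < 2.10.4, and 2.11.0 <= v < 2.12.1 (the ranges in this record)."""
    v = parse_version(version)
    return v < (2, 10, 4) or (2, 11, 0) <= v < (2, 12, 1)


def _data_plane_ports(apisix):
    """node_listen is an int in older 2.x configs and a list (ints or {port: n}) in newer ones."""
    listen = apisix.get("node_listen", DEFAULT_DATA_PORT)
    if isinstance(listen, int):
        return {listen}
    return {entry["port"] if isinstance(entry, dict) else int(entry) for entry in listen}


def audit(config, version):
    """Returns a list of human-readable findings; an empty list means nothing was flagged."""
    findings = []
    apisix = config.get("apisix", {})

    if is_affected(version):
        findings.append(f"version {version} is in an affected range; upgrade to 2.10.4 or 2.12.1")

    if apisix.get("enable_admin", True):
        keys = [entry.get("key") for entry in apisix.get("admin_key", [])]
        if not keys or DEFAULT_ADMIN_KEY in keys or any(not k for k in keys):
            findings.append("Admin API key is missing or still the shipped default")

        port_admin = apisix.get("port_admin")
        if port_admin is None or port_admin in _data_plane_ports(apisix):
            findings.append("Admin API is served on the data-plane port; set port_admin to a dedicated port")

        for cidr in apisix.get("allow_admin", []):
            if ipaddress.ip_network(cidr, strict=False).prefixlen == 0:
                findings.append(f"allow_admin entry {cidr} permits every source address")

    plugins = config.get("plugins")
    if plugins is None or "batch-requests" in plugins:
        findings.append("batch-requests plugin is enabled (explicitly or via the default plugin list)")

    return findings


# Constructed sample configs (parsed form of config.yaml), not taken from any deployment.
WEAK_CONFIG = {
    "apisix": {
        "node_listen": 9080,
        "enable_admin": True,
        "allow_admin": ["127.0.0.0/24"],
        "admin_key": [{"name": "admin", "key": DEFAULT_ADMIN_KEY, "role": "admin"}],
    },
    "plugins": ["batch-requests", "limit-count"],
}

HARDENED_CONFIG = {
    "apisix": {
        "node_listen": [{"port": 9080}],
        "enable_admin": True,
        "port_admin": 9180,
        "allow_admin": ["10.0.0.0/8"],
        "admin_key": [{"name": "admin", "key": "replace-with-a-long-random-secret", "role": "admin"}],
    },
    "plugins": ["limit-count"],
}

if __name__ == "__main__":
    for name, cfg, ver in (("weak", WEAK_CONFIG, "2.12.0"), ("hardened", HARDENED_CONFIG, "2.12.1")):
        print(name, audit(cfg, ver))
```

A loopback-only allow_admin is not flagged on its own because it is exactly the setting this bug defeats: the sub-request really does come from 127.0.0.1. The findings that matter are the version, the key and the shared port, which is why the description rates a changed key or a dedicated admin port as reducing the impact.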

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2022-24112
value: CRITICAL

Trust: 1.0

CNVD: CNVD-2022-12799
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202202-1030
value: CRITICAL

Trust: 0.6

VULMON: CVE-2022-24112
value: HIGH

Trust: 0.1

NVD: CVE-2022-24112
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: FALSE
version: 2.0

Trust: 1.1

CNVD: CNVD-2022-12799
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

NVD: CVE-2022-24112
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: CNVD: CNVD-2022-12799 // VULMON: CVE-2022-24112 // CNNVD: CNNVD-202202-1030 // NVD: CVE-2022-24112

PROBLEMTYPE DATA

problemtype:CWE-290

Trust: 1.0

sources: NVD: CVE-2022-24112

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202202-1030

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202202-1030

CONFIGURATIONS

sources: NVD: CVE-2022-24112

PATCH

title: Patch for Apache Apisix Remote Code Execution Vulnerability, url: https://www.cnvd.org.cn/patchinfo/show/321071

Trust: 0.6

title: Apache APISIX Security vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=181993

Trust: 0.6

title: CVE-2022-24112, url: https://github.com/udyz/cve-2022-24112

Trust: 0.1

title: CVE-2022-24112, url: https://github.com/mah1ndra/cve-2022-24112

Trust: 0.1

title: Apache-APISIX-CVE-2022-24112, url: https://github.com/m4xsec/apache-apisix-cve-2022-24112

Trust: 0.1

title: cve-2022-24112, url: https://github.com/twseptian/cve-2022-24112

Trust: 0.1

title: CVE-2022-24112, url: https://github.com/shakeman8/cve-2022-24112

Trust: 0.1

title: CVE-2022-244112, url: https://github.com/mah1ndra/cve-2022-244112

Trust: 0.1

title: CVE-2022-24112-POC, url: https://github.com/kavishkagihan/cve-2022-24112-poc

Trust: 0.1

title: CVE-2022-24112, url: https://github.com/mr-xn/cve-2022-24112

Trust: 0.1

title: CVE-2022-24112, url: https://github.com/axx8/cve-2022-24112

Trust: 0.1

title: Apache-APISIX-dashboard-RCE, url: https://github.com/greetdawn/apache-apisix-dashboard-rce

Trust: 0.1

title: FrameVul, url: https://github.com/awrrays/framevul

Trust: 0.1

title: -, url: https://github.com/soosmile/poc

Trust: 0.1

sources: CNVD: CNVD-2022-12799 // VULMON: CVE-2022-24112 // CNNVD: CNNVD-202202-1030

EXTERNAL IDS

db: NVD, id: CVE-2022-24112

Trust: 2.3

db: OPENWALL, id: OSS-SECURITY/2022/02/11/3

Trust: 1.7

db: PACKETSTORM, id: 166328

Trust: 1.7

db: PACKETSTORM, id: 166228

Trust: 1.7

db: CNVD, id: CNVD-2022-12799

Trust: 0.6

db: CS-HELP, id: SB2022021408

Trust: 0.6

db: CXSECURITY, id: WLB-2022030040

Trust: 0.6

db: CXSECURITY, id: WLB-2022030068

Trust: 0.6

db: EXPLOIT-DB, id: 50829

Trust: 0.6

db: CNNVD, id: CNNVD-202202-1030

Trust: 0.6

db: VULMON, id: CVE-2022-24112

Trust: 0.1

sources: CNVD: CNVD-2022-12799 // VULMON: CVE-2022-24112 // CNNVD: CNNVD-202202-1030 // NVD: CVE-2022-24112

REFERENCES

url:http://packetstormsecurity.com/files/166228/apache-apisix-remote-code-execution.html

Trust: 2.3

url:http://packetstormsecurity.com/files/166328/apache-apisix-2.12.1-remote-code-execution.html

Trust: 2.3

url:https://lists.apache.org/thread/lcdqywz8zy94mdysk7p3gfdgn51jmt94

Trust: 1.7

url:http://www.openwall.com/lists/oss-security/2022/02/11/3

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2022-24112

Trust: 1.2

url:https://www.exploit-db.com/exploits/50829

Trust: 0.6

url:https://cxsecurity.com/issue/wlb-2022030040

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022021408

Trust: 0.6

url:https://cxsecurity.com/issue/wlb-2022030068

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/290.html

Trust: 0.1

url:https://github.com/udyz/cve-2022-24112

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: CNVD: CNVD-2022-12799 // VULMON: CVE-2022-24112 // CNNVD: CNNVD-202202-1030 // NVD: CVE-2022-24112

CREDITS

Ven3xy

Trust: 0.6

sources: CNNVD: CNNVD-202202-1030

SOURCES

db: CNVD, id: CNVD-2022-12799
db: VULMON, id: CVE-2022-24112
db: CNNVD, id: CNNVD-202202-1030
db: NVD, id: CVE-2022-24112

LAST UPDATE DATE

2022-06-28T22:25:31.688000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2022-12799, date: 2022-02-21T00:00:00
db: VULMON, id: CVE-2022-24112, date: 2022-05-11T00:00:00
db: CNNVD, id: CNNVD-202202-1030, date: 2022-03-17T00:00:00
db: NVD, id: CVE-2022-24112, date: 2022-05-11T14:58:00

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2022-12799, date: 2022-02-20T00:00:00
db: VULMON, id: CVE-2022-24112, date: 2022-02-11T00:00:00
db: CNNVD, id: CNNVD-202202-1030, date: 2022-02-11T00:00:00
db: NVD, id: CVE-2022-24112, date: 2022-02-11T13:15:00