漏洞描述
MinIO控制台是用于MinIO操作器的图形用户界面。MinIO本身是一个多云对象存储项目。当启用外部IDP时,受影响的版本会受到操作员控制台中身份验证绕过问题的影响。
MinIO Console 存在认证绕过漏洞(CVE-2021-41266)
PoC代码
暂无相关漏洞推荐
- POC CVE-2021-21287: MinIO Browser API - Server-Side Request Forgery
- POC CVE-2021-41266: MinIO Operator Console Authentication Bypass
- POC CVE-2023-28432: MinIO Cluster Deployment - Information Disclosure
- POC CVE-2023-2982: Miniorange Social Login and Register <= 7.6.3 - Authentication Bypass
- POC CVE-2025-31489: MinIO - Incomplete Signature Validation for Unsigned-Trailer Uploads
- POC CVE-2021-21287: MinIO Browser API - Server-Side Request Forgery
- POC CVE-2023-28432: MinIO 未授权信息泄露
- POC minio-default-password: Minio Default Password
- POC minio-default-login: Minio Default Login
- POC minio-browser: MinIO Browser
- POC minio-console: MinIO Console
- MinIO Browser弱口令漏洞
- MinIO verify 接口敏感信息泄露漏洞(CVE-2023-28432)