Alibaba Sentinel 漏洞列表
共找到 6 个与 Alibaba Sentinel 相关的漏洞
📅 加载漏洞趋势中...
-
CVE-2021-44139: Alibaba Sentinel - Server-side request forgery (SSRF) POC
There is a Pre-Auth SSRF vulnerability in Alibaba Sentinel version 1.8.2, which allows remote unauthenticated attackers to perform SSRF attacks via the /registry/machine endpoint through the ip parameter. shodan: title:"Sentinel Dashboard" fofa: title="Sentinel Dashboard" -
alibaba-sentinel-default-user: Alibaba Sentinel 默认用户 POC
Fofa: app="Sentinel-Dashboard" -
CVE-2021-44139: Alibaba Sentinel - Server-side request forgery (SSRF) POC
There is a Pre-Auth SSRF vulnerability in Alibaba Sentinel version 1.8.2, which allows remote unauthenticated attackers to perform SSRF attacks via the /registry/machine endpoint through the ip parameter. -
Alibaba Sentinel 控制台未授权访问 无POC
Alibaba Sentinel是面向分布式服务架构的流量控制组件,主要以流量为切入点,从流量控制、熔断降级、系统自适应保护等多个维度来帮助您保障微服务的稳定性。Sentinel控制台未经身份验证的用户可以公开访问。导致泄露节点端信息 -
Alibaba Sentinel-Dashboard默认口令 无POC
Alibaba开源限流熔断组件Sentinel中的管控平台sentinel-dashboard存在默认口令,攻击者可通过默认口令进入系统获取后台敏感信息。 -
Alibaba Sentinel-Dashboard前台SSRF漏洞 无POC
Alibaba开源限流熔断组件Sentinel中的管控平台sentinel-dashboard存在认证前SSRF漏洞,恶意用户无需认证即可通过该接口进行SSRF攻击