Vulnerability in Apache Software Foundation APISIX

CVE-2020-13945

In Apache APISIX, if the user has enabled the Admin API and deleted the Admin API access IP restriction rules, the default token can be used to access APISIX management data. This affects versions 1.2, 1.3, 1.4, 1.5.

EPSS: 0.934 (99.8th percentile)

Frequently asked questions

What is CVE-2020-13945?
CVE-2020-13945 is a vulnerability in Apache Software Foundation APISIX. It was published on 2020-12-07.

Is CVE-2020-13945 known to be exploited?
34 public proof-of-concept repositories are indexed. It is not currently listed in the CISA KEV catalog.