Is CVE-2021-30181 known to be exploited?

7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Apache Software Foundation Dubbo

CVE-2021-30181

Apache Dubbo prior to 2.6.9 and 2.7.9 supports Script routing which will enable a customer to route the request to the right server. These rules are used by the customers when making a request in order to find the right endpoint. When pars…

EPSS: 0.615 (99.1th percentile) — read the EPSS interpretation.

Affected products

Apache Software Foundation Dubbo — versions Apache Dubbo 2.7.x, Apache Dubbo 2.6.x

Public proof-of-concept exploits

shoucheng3/apache__incubator-dubbo_CVE-2021-30181_2-6-8
ARPSyndicate/cvemon
Armandhe-China/ApacheDubboSerialVuln
Whoopsunix/PPPVULNS
dayutech/ApacheDubboSerialVuln
shoucheng3/apache__
threedr3am/dubbo-exp

References

lists.apache.org/thread.html/re22410dc704a09bc7032ddf15140cf5e7df3e8ece390fc903… (x_refsource_MISC)

Frequently asked questions

What is CVE-2021-30181?: CVE-2021-30181 is a vulnerability in Apache Software Foundation Dubbo. Published 2021-05-29.
Is CVE-2021-30181 known to be exploited?: 7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.