CVE-2020-17523

CRITICAL

Apache Shiro < 1.7.1 - Authentication Bypass via Crafted HTTP Request

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2020-17523. PoCs published by jweny, JAckLosingHeart.

AI-analyzed exploit summary
This repository contains a proof-of-concept for CVE-2020-17523, an authentication bypass vulnerability in Apache Shiro versions prior to 1.7.1. The exploit demonstrates two methods to bypass authentication by manipulating URL paths with spaces or special characters.
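The summary above describes the bug in one line; the following is an added example (not code from this tracker page, from the listed PoC repositories or from Apache Shiro) that models the path-matching disagreement behind CVE-2020-17523 and turns it into a log-scanning check. The two tokenizers are simplified models of Shiro's pre-1.7.1 chain resolver and of Spring's handler mapping (an assumption; the real classes are more involved), the log lines are constructed, and `probe` targets whatever URL you pass in.

```python
"""
Added example for this tracker entry; it is not code from the page, from the
listed PoC repositories or from Apache Shiro. It models the path-matching
disagreement behind CVE-2020-17523 with two simplified tokenizers (the real
Shiro and Spring classes are more involved; treat the model as an assumption),
scans constructed access-log lines for the bypass signature, and offers an
optional active probe for a test instance you are authorised to test.
"""
import re
import urllib.error
import urllib.request
from urllib.parse import unquote


def shiro_pre_171_tokens(decoded_path):
    """Model of Shiro < 1.7.1: split on '/', trim every token, drop empties.
    A whitespace-only segment ("/admin/ ") vanishes, so a chain pattern such
    as /admin/* no longer matches and no authc filter runs."""
    return [seg.strip() for seg in decoded_path.split("/") if seg.strip()]


def spring_tokens(decoded_path):
    """Model of Spring's handler mapping (assumption: trimTokens=false, the
    modern default): empty segments are dropped, whitespace is kept, so
    "/admin/ " still resolves to a handler mapped under /admin/."""
    return [seg for seg in decoded_path.split("/") if seg != ""]


def bypasses_prefix_chain(protected_prefix, raw_path):
    """True when raw_path reaches a Spring handler below protected_prefix
    while the modelled Shiro resolver sees only the prefix and applies no
    /prefix/* chain. Shiro 1.7.0 also drops one trailing slash before
    matching, so "/admin/%20/" collapses exactly like "/admin/%20"."""
    decoded = unquote(raw_path)
    prefix = shiro_pre_171_tokens(protected_prefix.rstrip("*"))
    shiro_view = shiro_pre_171_tokens(decoded)
    spring_view = spring_tokens(decoded)
    return (shiro_view == prefix
            and len(spring_view) > len(prefix)
            and spring_view[:len(prefix)] == prefix)


# Common Log Format; the request target is captured lazily so a raw space in
# the path (if a server ever logged one) does not break the match.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>.+?) HTTP/[\d.]+" (?P<status>\d{3})')


def flag_bypass_attempts(log_lines, protected_prefixes):
    """Return (client_ip, path, status) for every request whose path would
    slip past one of the protected prefixes on a vulnerable Shiro."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        path = m.group("target").split("?", 1)[0]
        if any(bypasses_prefix_chain(p, path) for p in protected_prefixes):
            hits.append((m.group("ip"), path, int(m.group("status"))))
    return hits


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Keep a 302-to-login visible instead of following it."""
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def probe(base_url, protected_path="/admin/", timeout=5):
    """Active check against an instance you are authorised to test (the URL is
    whatever you pass in): a 401/302 for the protected path next to a 200 for
    a whitespace variant is the bypass signature. Not run by the demo below."""
    opener = urllib.request.build_opener(_NoRedirect)
    results = {}
    for variant in (protected_path, protected_path + "%20", protected_path + "%20/"):
        try:
            with opener.open(base_url.rstrip("/") + variant, timeout=timeout) as resp:
                results[variant] = resp.status
        except urllib.error.HTTPError as err:
            results[variant] = err.code
    return results


# Constructed sample log (not real traffic): one client first hits the
# protected path, is redirected to login, then tries the two variants.
SAMPLE_LOG = [
    '203.0.113.7 - - [03/Feb/2021:10:00:01 +0000] "GET /admin/ HTTP/1.1" 302 0',
    '203.0.113.7 - - [03/Feb/2021:10:00:02 +0000] "GET /admin/%20 HTTP/1.1" 200 512',
    '203.0.113.7 - - [03/Feb/2021:10:00:03 +0000] "GET /admin/%20/ HTTP/1.1" 200 512',
    '198.51.100.4 - - [03/Feb/2021:10:00:04 +0000] "GET /admin/users HTTP/1.1" 302 0',
    '198.51.100.4 - - [03/Feb/2021:10:00:05 +0000] "GET /login HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for hit in flag_bypass_attempts(SAMPLE_LOG, ["/admin/"]):
        print("possible CVE-2020-17523 bypass:", hit)
```

The scanner only flags paths that collapse to exactly the protected prefix after trimming; a request such as `/admin/%20users` keeps a second token in both views and is still caught by the `/admin/*` chain, so it is not reported. Patching to 1.7.1 removes the root cause; the check is for finding attempts in historical logs.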

Description

In Apache Shiro before 1.7.1, when Shiro is used together with Spring, a specially crafted HTTP request may cause an authentication bypass.

Exploits (2)

nomisec · WORKING POC · 119 stars
by jweny · poc
https://github.com/jweny/shiro-cve-2020-17523

Classification: Working PoC (95%)
Attack type: Auth bypass
Complexity: Trivial
Reliability: Reliable
Target: Apache Shiro < 1.7.1
Authentication required: none
Prerequisites: Apache Shiro version < 1.7.1 · Spring framework integration
Analyzed by devstral-2 on Feb 16, 2026
github · WORKING POC · 5 stars
by JAckLosingHeart · java, poc
https://github.com/JAckLosingHeart/CVE-PoC-Collection/tree/main/shiro-CVE-2020-17523

This repository contains a functional proof-of-concept for CVE-2020-17523, an authentication bypass vulnerability in Apache Shiro. The exploit relies on Shiro's filter-chain resolver and Spring's `RequestMappingHandlerMapping` resolving the same crafted request path differently, so the request reaches the Spring handler without passing through Shiro's authentication filter.

Classification: Working PoC (90%)
Attack type: Auth bypass
Complexity: Moderate
Reliability: Reliable
Target: Apache Shiro (versions affected by CVE-2020-17523)
Authentication required: none
Prerequisites: Apache Shiro with vulnerable configuration · Access to the target application
Analyzed by devstral-2 on Feb 27, 2026

Scores

CVSS v3 9.8
EPSS 0.8591
EPSS Percentile 99.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-287
Status published
Products (4)
apache/shiro < 1.7.1
org.apache.shiro/shiro-spring 0 - 1.7.1 (Maven)
org.apache.shiro/shiro-spring-boot-starter 0 - 1.7.1 (Maven)
org.apache.shiro/shiro-web 0 - 1.7.1 (Maven)
Published Feb 03, 2021
Tracked Since Feb 18, 2026