CVE-2021-37580

This repository contains a functional exploit PoC for CVE-2021-37580, which bypasses JWT authentication in Apache ShenYu Admin. The script generates a crafted JWT token and sends it to the target endpoint to check for vulnerability.

This PoC exploits CVE-2021-37580, an authentication bypass vulnerability in an unspecified software. It generates a JWT token with a hardcoded salt and sends it to the '/dashboardUser' endpoint to bypass authentication and retrieve user data.

The repository contains a functional Python script that exploits an authentication bypass vulnerability in Apache ShenYu Admin by querying the `/dashboardUser` endpoint to retrieve user credentials without authentication. The script supports both single URL and batch file input for vulnerability verification.

This repository contains a functional exploit PoC for CVE-2021-37580, an authentication bypass vulnerability in Apache ShenYu Admin. The exploit generates a crafted JWT token with a hardcoded salt and sends it to the `/dashboardUser` endpoint to retrieve admin credentials.

This script exploits CVE-2021-37580, an authentication bypass vulnerability in Apache ShenYu Admin. It retrieves a JWT token via a hardcoded endpoint and uses it to access the '/dashboardUser' endpoint, demonstrating unauthorized data access.

This repository contains a functional Python script that exploits CVE-2021-37580, an authentication bypass vulnerability in Apache ShenYu. The exploit generates a JWT token with a hardcoded salt and sends it to the target endpoint to bypass authentication and retrieve user information.

The repository claims to be a scanner for CVE-2021-37580 (an authentication bypass in Apache Shenyu admin) but lacks actual code or technical details. It instructs users to run a precompiled executable (CVE-2021-37580.exe), which is a red flag for potential malware.