This exploit demonstrates a data deletion vulnerability in Apache Solr 3.5.0 by sending a crafted HTTP request to the update endpoint, which deletes all indexed data. The PoC includes a curl command to trigger the deletion and a query to verify the data loss.
Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target:Apache Solr 3.5.0
No auth needed
Prerequisites:Access to the Solr update endpoint · Solr instance with exposed HTTP API