Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2022-25757

In Apache APISIX before 2.13.0, when decoding JSON with duplicate keys, lua-cjson will choose the last occurred value as the result. By passing a JSON with a duplicate key, the attacker can bypass the body_schema validation in the request-validation plugin. For example, `{"string_payload":"bad","string_payload":"good"}` can be used to hide the "bad" input. Systems satisfy three conditions below are affected by this attack: 1. use body_schema validation in the request-validation plugin 2. upstream application uses a special JSON library that chooses the first occurred value, like jsoniter or gojay 3. upstream application does not validate the input anymore. The fix in APISIX is to re-encode the validated JSON input back into the request body at the side of APISIX. Improper Input Validation vulnerability in __COMPONENT__ of Apache APISIX allows an attacker to __IMPACT__. This issue affects Apache APISIX Apache APISIX version 2.12.1 and prior versions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.8%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 6.8
Products affected by CVE-2022-25757
  • Apache » Apisix » Version: N/A
    cpe:2.3:a:apache:apisix:-
  • Apache » Apisix » Version: 0.2
    cpe:2.3:a:apache:apisix:0.2
  • Apache » Apisix » Version: 0.3
    cpe:2.3:a:apache:apisix:0.3
  • Apache » Apisix » Version: 0.3-1
    cpe:2.3:a:apache:apisix:0.3-1
  • Apache » Apisix » Version: 0.4.1
    cpe:2.3:a:apache:apisix:0.4.1
  • Apache » Apisix » Version: 0.5
    cpe:2.3:a:apache:apisix:0.5
  • Apache » Apisix » Version: 0.6rc0
    cpe:2.3:a:apache:apisix:0.6rc0
  • Apache » Apisix » Version: 0.7
    cpe:2.3:a:apache:apisix:0.7
  • Apache » Apisix » Version: 0.8
    cpe:2.3:a:apache:apisix:0.8
  • Apache » Apisix » Version: 0.9-
    cpe:2.3:a:apache:apisix:0.9-
  • Apache » Apisix » Version: 0.9rc1
    cpe:2.3:a:apache:apisix:0.9rc1
  • Apache » Apisix » Version: 1.0
    cpe:2.3:a:apache:apisix:1.0
  • Apache » Apisix » Version: 1.1
    cpe:2.3:a:apache:apisix:1.1
  • Apache » Apisix » Version: 1.2
    cpe:2.3:a:apache:apisix:1.2
  • Apache » Apisix » Version: 1.3
    cpe:2.3:a:apache:apisix:1.3
  • Apache » Apisix » Version: 1.4
    cpe:2.3:a:apache:apisix:1.4
  • Apache » Apisix » Version: 1.4.1
    cpe:2.3:a:apache:apisix:1.4.1
  • Apache » Apisix » Version: 1.5
    cpe:2.3:a:apache:apisix:1.5
  • Apache » Apisix » Version: 2.0
    cpe:2.3:a:apache:apisix:2.0
  • Apache » Apisix » Version: 2.1
    cpe:2.3:a:apache:apisix:2.1
  • Apache » Apisix » Version: 2.10.0
    cpe:2.3:a:apache:apisix:2.10.0
  • Apache » Apisix » Version: 2.10.1
    cpe:2.3:a:apache:apisix:2.10.1
  • Apache » Apisix » Version: 2.10.2
    cpe:2.3:a:apache:apisix:2.10.2
  • Apache » Apisix » Version: 2.10.3
    cpe:2.3:a:apache:apisix:2.10.3
  • Apache » Apisix » Version: 2.10.4
    cpe:2.3:a:apache:apisix:2.10.4
  • Apache » Apisix » Version: 2.11.0
    cpe:2.3:a:apache:apisix:2.11.0
  • Apache » Apisix » Version: 2.12.0
    cpe:2.3:a:apache:apisix:2.12.0
  • Apache » Apisix » Version: 2.12.1
    cpe:2.3:a:apache:apisix:2.12.1
  • Apache » Apisix » Version: 2.2
    cpe:2.3:a:apache:apisix:2.2
  • Apache » Apisix » Version: 2.3
    cpe:2.3:a:apache:apisix:2.3
  • Apache » Apisix » Version: 2.4
    cpe:2.3:a:apache:apisix:2.4
  • Apache » Apisix » Version: 2.5
    cpe:2.3:a:apache:apisix:2.5
  • Apache » Apisix » Version: 2.6
    cpe:2.3:a:apache:apisix:2.6
  • Apache » Apisix » Version: 2.7
    cpe:2.3:a:apache:apisix:2.7
  • Apache » Apisix » Version: 2.8
    cpe:2.3:a:apache:apisix:2.8
  • Apache » Apisix » Version: 2.9
    cpe:2.3:a:apache:apisix:2.9


Products
Pricing
Contact Us

Shodan ® - All rights reserved