Back to KEVs

CVE-2021-29441

Authentication bypass

Basic Information

CVE State
PUBLISHED
Reserved Date
March 30, 2021
Published Date
April 27, 2021
Last Updated
August 03, 2024
Vendor
alibaba
Product
nacos
Description
Nacos is a platform designed for dynamic service discovery and configuration and service management. In Nacos before version 1.4.1, when configured to use authentication (-Dnacos.core.auth.enabled=true) Nacos uses the AuthFilter servlet filter to enforce authentication. This filter has a backdoor that enables Nacos servers to bypass this filter and therefore skip authentication checks. This mechanism relies on the user-agent HTTP header so it can be easily spoofed. This issue may allow any user to carry out any administrative tasks on the Nacos server.
Tags
nuclei_scanner

CVSS Scores

CVSS v3.1

8.6 - HIGH

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CVSS v2.0

7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS Score

Score
94.05% (Percentile: 99.88%) as of 2025-05-28

Exploit Status

Exploited in the Wild
Yes (added 2025-05-24 00:00:00 UTC) Source

References

https://github.com/alibaba/nacos/issues/4701 https://github.com/advisories/GHSA-36hp-jr8h-556f https://github.com/alibaba/nacos/pull/4703

Known Exploited Vulnerability Information

Source Added Date
The Shadowserver (via CIRCL) 2025-05-25 12:00:10 UTC

Scanner Integrations

Scanner URL Date Detected
Nuclei https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-29441.yaml 2025-04-26 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

bysinks/CVE-2021-29441

Type: github • Created: 2022-03-15 08:53:59 UTC • Stars: 2

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Detected by Nuclei

  • Added to KEVIntel