Description
Nacos is a platform designed for dynamic service discovery and configuration and service management.
Nacos before 1.4.1 has an authentication bypass vulnerability. An attacker can bypass the authentication with a specially crafted HTTP request and get full access to the system.
Remediation
Upgrade to the latest version of Nacos
References
Related Vulnerabilities
WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler Security Bypass (6.9.11)
Joomla! Core Security Bypass (2.5.0 - 3.9.18)
WordPress Plugin YITH WooCommerce Cart Messages Security Bypass (1.4.3)
Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.14)
WordPress Plugin Share, Print and PDF Products for WooCommerce Security Bypass (2.7.2)