Description

Nacos is a platform designed for dynamic service discovery and configuration and service management.

Nacos before 1.4.1 has an authentication bypass vulnerability. An attacker can bypass the authentication with a specially crafted HTTP request and get full access to the system.

Remediation

Upgrade to the latest version of Nacos

References

Related Vulnerabilities