id: apache-dubbo-unauth info: name: Apache Dubbo - Unauthenticated Access author: j4vaovo severity: high description: | Apache Dubbo Unauthenticated Access were detected. reference: - https://dubbo.apache.org/en/docs3-v2/java-sdk/advanced-features-and-usage/security/auth/ metadata: verified: true max-request: 1 fofa-query: apache dubbo tags: network,dubbo,apache,unauth,misconfig,tcp tcp: - inputs: - data: "68656c700d0a" type: hex host: - "{{Hostname}}" port: 20880 read-size: 2048 matchers: - type: word words: - "trace [service] [method] [times]" # digest: 4a0a00473045022019baed158798bd7636f8936ae6391035ee1f3cf0f6969604340953f8f06eb9530221009c8b40931f9eb4ebebf117f4b5fa3250df9ddb124d3973eb74145b11fa82e355:922c64590222798bb761d5b6d8e72950