ip blacklist bypass vulnerability
Shydlock opened this issue · comments
ip blacklist bypass vulnerability
Process
-
Set up ip blacklist for 127.0.0.1(Due to the existence of a system bug, only 27.0.0.1 can be set here, but it is limited to 127.0.0.1)
-
Re-visit the page and find that it has been restricted by the ip blacklist
-
But here you can bypass the blacklist restriction by setting the X-Real-IP request header