Radar is an open-source lightweight real-time risk control engine.Radar has an authentication bypass vulnerability, and any interface can be accessed without authentication.
https://github.com/wfh45678/radar
<= V1.0.8
Choose any interface that requires authentication to access, example:/services/v1/model/list
Access failed without authentication
Add/aa/../ Successfully bypassed authentication access
