Apache Apisix is a cloud-native microservices API gateway service from the Apache Foundation. The software is implemented based on OpenResty and etcd, with dynamic routing and plugin hot-loading, suitable for API management under the microservices architecture. APISIX Dashboard has a security vulnerability in version 2.6, which stems from the use of a risky function to obtain an IP in the IP Allowed List restriction, which could be exploited by an attacker to bypass network restrictions.