Home[1] Files[2] News[3] &[SERVICES_TAB] Contact[4] Add New[5]
- Apache OFBiz 18.12.09 Remote Code Execution[6]
- Authored by Jacques Leroux[7]
-
Apache OFBiz version 18.12.09 suffers from a pre-authentication remote code execution vulnerability.
- advisories | CVE-2023-49070[8]
- SHA-256 |
eb4458f535e94d51c6b4bf1779dd9da7aa903e2ad0a85e32eb0811983d7d8aaa
- Download[9] | Favorite[10] | View[11]
Change Mirror[12] Download[13]
From: Jacques Le Roux <jleroux () apache org>
Date: Mon, 04 Dec 2023 21:04:50 +0000
Severity: moderate
Affected versions:
- Apache OFBiz before 18.12.10
Description:
Pre-auth RCE in Apache Ofbiz 18.12.09.
It's due to XML-RPC no longer maintained still present.
This issue affects Apache OFBiz: before 18.12.10.
Users are recommended to upgrade to version 18.12.10
This issue is being tracked as OFBIZ-12812
Credit:
Siebene@ (finder)
References:
https://ofbiz.apache.org/download.html
https://ofbiz.apache.org/security.html
https://ofbiz.apache.org/release-notes-18.12.10.html
https://ofbiz.apache.org/
https://www.cve.org/CVERecord?id=CVE-2023-49070
https://issues.apache.org/jira/browse/OFBIZ-12812
-----
Packet Storm Note
Below is the proof of concept circulating on twitter:
#POC:
/webtools/control/xmlrpc;/?USERNAME=&PASSWORD=s&requirePasswordChange=Y
File Tags
- ActiveX[19] (932)
- Advisory[20] (83,575)
- Arbitrary[21] (16,456)
- BBS[22] (2,859)
- Bypass[23] (1,804)
- CGI[24] (1,031)
- Code Execution[25] (7,460)
- Conference[26] (683)
- Cracker[27] (843)
- CSRF[28] (3,355)
- DoS[29] (24,098)
- Encryption[30] (2,373)
- Exploit[31] (52,331)
- File Inclusion[32] (4,236)
- File Upload[33] (981)
- Firewall[34] (822)
- Info Disclosure[35] (2,814)
- Intrusion Detection[36] (900)
- Java[37] (3,091)
- JavaScript[38] (881)
- Kernel[39] (6,865)
- Local[40] (14,598)
- Magazine[41] (586)
- Overflow[42] (12,895)
- Perl[43] (1,427)
- PHP[44] (5,164)
- Proof of Concept[45] (2,355)
- Protocol[46] (3,664)
- Python[47] (1,571)
- Remote[48] (31,109)
- Root[49] (3,609)
- Rootkit[50] (516)
- Ruby[51] (614)
- Scanner[52] (1,645)
- Security Tool[53] (7,934)
- Shell[54] (3,219)
- Shellcode[55] (1,216)
- Sniffer[56] (897)
- Spoof[57] (2,232)
- SQL Injection[58] (16,459)
- TCP[59] (2,419)
- Trojan[60] (687)
- UDP[61] (896)
- Virus[62] (667)
- Vulnerability[63] (32,176)
- Web[64] (9,800)
- Whitepaper[65] (3,760)
- x86[66] (966)
- XSS[67] (18,067)
- Other[68]
File Archives
- December 2023[69]
- November 2023[70]
- October 2023[71]
- September 2023[72]
- August 2023[73]
- July 2023[74]
- June 2023[75]
- May 2023[76]
- April 2023[77]
- March 2023[78]
- February 2023[79]
- January 2023[80]
- Older[81]
Systems
- AIX[82] (429)
- Apple[83] (2,049)
- BSD[84] (375)
- CentOS[85] (57)
- Cisco[86] (1,926)
- Debian[87] (6,935)
- Fedora[88] (1,693)
- FreeBSD[89] (1,246)
- Gentoo[90] (4,396)
- HPUX[91] (880)
- iOS[92] (366)
- iPhone[93] (108)
- IRIX[94] (220)
- Juniper[95] (69)
- Linux[96] (48,040)
- Mac OS X[97] (691)
- Mandriva[98] (3,105)
- NetBSD[99] (256)
- OpenBSD[100] (487)
- RedHat[101] (14,730)
- Slackware[102] (941)
- Solaris[103] (1,611)
- SUSE[104] (1,444)
- Ubuntu[105] (9,182)
- UNIX[106] (9,345)
- UnixWare[107] (187)
- Windows[108] (6,613)
- Other[109]
- Services
- Security Services[120]
- Hosting By
- Rokasec[121]