Vulners
Lucene search
Apache RocketMQ Version Scanner
| Reporter | Title | Published | Views | Family All 46 |
|---|---|---|---|---|
 | Exploit for Code Injection in Apache Rocketmq | 1 Jun 202306:27 | – | githubexploit |
| Exploit for Code Injection in Apache Rocketmq | 14 Jul 202312:22 | – | githubexploit |
| Exploit for Code Injection in Apache Rocketmq | 1 Jun 202314:48 | – | githubexploit |
| Exploit for Code Injection in Apache Rocketmq | 1 Jun 202302:17 | – | githubexploit |
| Exploit for Code Injection in Apache Rocketmq | 26 Dec 202312:41 | – | githubexploit |
| Exploit for Code Injection in Apache Rocketmq | 28 Oct 202307:08 | – | githubexploit |
 | Apache RocketMQ 5.1.0 Arbitrary Code Injection Exploit | 10 Jul 202300:00 | – | zdt |
 | Security Bulletin: IBM Instana Observability is affected by Vulnerabilities in Apache RocketMQ | 5 Feb 202404:46 | – | ibm |
 | North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs | 25 Jul 202412:00 | – | ics |
 | CVE-2023-33246 | 24 May 202300:00 | – | attackerkb |
10
### This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Auxiliary
include Msf::Exploit::Remote::Tcp
include Msf::Auxiliary::Scanner
include Msf::Auxiliary::Report
include Msf::Auxiliary::Rocketmq
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Apache RocketMQ Version Scanner',
'Description' => %q{
Version scanner for the Apache RocketMQ product.
},
'Author' => [
'h00die',
'Malayke' # CVE-2023-33246 code
],
'References' => [
['URL', 'https://github.com/Malayke/CVE-2023-33246_RocketMQ_RCE_EXPLOIT/blob/main/check.py'],
['URL', 'https://github.com/apache/rocketmq']
],
'License' => MSF_LICENSE,
'Notes' => {
'Stability' => [],
'Reliability' => [],
'SideEffects' => []
}
)
)
end
def run_host(_ip)
res = send_version_request
if res.nil?
print_error('Invalid or no response received')
return
end
parsed_data = parse_rocketmq_data(res)
# grab some data that we need/want out of the response
output = "RocketMQ version #{parsed_data['version']}"
output += " found with brokers: #{parsed_data['brokerDatas']}" if parsed_data['brokerDatas']
print_good(output)
end
end
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
08 Jun 2026 19:03Current
9.7High risk
Vulners AI Score9.7
CVSS 3.19.8
EPSS0.94388
SSVC