7 matches found
CVE-2023-37582
creationtimestamp| type| source ---|---|--- 2023-07-15 10:35:02+00:00| published-proof-of-concept| https://t.me/proxybar/1626 2023-07-15 14:45:28+00:00| published-proof-of-concept| https://t.me/crackcodes/3898 2023-07-15 14:46:28+00:00| published-proof-of-concept|...
Exploit for Code Injection in Apache Rocketmq
CVE-2023-37582EXPLOIT Apache RocketMQ Arbitrary File Write Vu...
org.apache.rocketmq:rocketmq-dashboard (=2.0.0), org.apache.rocketmq:rocketmq-test (>=5.0.0 <=5.1.1) potentially affected by CVE-2023-37582 via org.apache.rocketmq:rocketmq-namesrv (>=5.0.0 <=5.1.1)
org.apache.rocketmq:rocketmq-namesrv MAVEN version =5.0.0, =5.0.0, =5.1.1 Source cves: CVE-2023-37582 Source advisory: OSV:GHSA-GPQ8-963W-8QC9...
cn.chendahai:rocketmq-console-alarm (=1.0.3), com.webank.defibus:defibus-namesrv (>=1.0.0 <=1.0.1) +10 more potentially affected by CVE-2023-37582 via org.apache.rocketmq:rocketmq-namesrv (>=4.0.0-incubating <=4.9.6)
org.apache.rocketmq:rocketmq-namesrv MAVEN version =4.0.0-incubating, =1.0.0, =0.0.7, =1.2.0-release, =1.10.0-release, =1.9.0-release, =1.2.0-release, =1.9.0-release, =2.0.0, =4.0.0-incubating, =4.9.6 Source cves: CVE-2023-37582 Source advisory: OSV:GHSA-GPQ8-963W-8QC9...
CVE-2023-37582
The RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1. When NameServer address are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the...
CVE-2023-37582
The RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1. When NameServer address are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the...
CVE-2023-37582 Apache RocketMQ: Possible remote code execution when using the update configuration function
The RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1. When NameServer address are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the...