Lucene search
+L

7 matches found

VulnCheck KEV
VulnCheck KEV
added 2025/12/02 12:0 a.m.18 views

VulnCheck KEV: CVE-2023-52251

An issue discovered in provectus kafka-ui 0.4.0 through 0.7.1 allows remote attackers to execute arbitrary code via the q parameter of /api/clusters/local/topics/topic/messages...

8.8CVSS6.2AI score0.85025EPSS
In wildExploits5References63
0day.today
0day.today
added 2024/02/20 12:0 a.m.323 views

Kafka UI 0.7.1 Command Injection Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kafka UI Unauthenticated Remote Command Execution via the Groovy Filter option.', 'Description' = %q A command injection vulnerability exists in...

8.8CVSS7.4AI score0.85025EPSS
Exploits5
Packet Storm
Packet Storm
added 2024/02/20 12:0 a.m.491 views

Kafka UI 0.7.1 Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kafka UI Unauthenticated Remote Command Execution via the Groovy Filter option.', 'Description' = %q A command injection vulnerability exists in...

8.8CVSS7.4AI score0.85025EPSS
Exploits5
Circl
Circl
added 2024/01/25 10:26 p.m.9 views

CVE-2023-52251

creationtimestamp| type| source ---|---|--- 2024-01-25 22:26:20+00:00| seen| https://t.me/ctinow/173834 2024-01-26 14:49:19+00:00| seen| https://t.me/arpsyndicate/2973 2024-02-01 03:16:26+00:00| seen| https://t.me/ctinow/177279 2024-02-16 20:55:39+00:00| seen|...

8.8CVSS8.1AI score0.85025EPSS
Exploits5References10
Cvelist
Cvelist
added 2024/01/25 12:0 a.m.47 views

CVE-2023-52251

An issue discovered in provectus kafka-ui 0.4.0 through 0.7.1 allows remote attackers to execute arbitrary code via the q parameter of /api/clusters/local/topics/topic/messages...

9.2AI score0.85025EPSS
Exploits5References2
CVE
CVE
added 2024/01/25 12:0 a.m.156 views

CVE-2023-52251

Kafka UI (Provectus Kafka‑UI) 0.4.0–0.7.1 is exploitable via the q parameter in /api/clusters/local/topics/{topic}/messages, allowing remote code execution through a Groovy script injection in the filterQueryType path. Impact is high (RCE). Remediation available: upgrade to Kafka UI 0.7.2 or late...

8.8CVSS8.9AI score0.85025EPSS
In wildExploits5References2Affected Software1
GithubExploit
GithubExploit
added 2024/01/06 11:7 a.m.530 views

Exploit for Code Injection in Provectus Ui

CVE-2023-52251-POC There is a Remote Code Execution vulnerabi...

8.8CVSS9.5AI score0.85025EPSS
Exploits5
Rows per page
Query Builder