7 matches found
VulnCheck KEV: CVE-2023-52251
An issue discovered in provectus kafka-ui 0.4.0 through 0.7.1 allows remote attackers to execute arbitrary code via the q parameter of /api/clusters/local/topics/topic/messages...
Kafka UI 0.7.1 Command Injection Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kafka UI Unauthenticated Remote Command Execution via the Groovy Filter option.', 'Description' = %q A command injection vulnerability exists in...
Kafka UI 0.7.1 Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kafka UI Unauthenticated Remote Command Execution via the Groovy Filter option.', 'Description' = %q A command injection vulnerability exists in...
CVE-2023-52251
creationtimestamp| type| source ---|---|--- 2024-01-25 22:26:20+00:00| seen| https://t.me/ctinow/173834 2024-01-26 14:49:19+00:00| seen| https://t.me/arpsyndicate/2973 2024-02-01 03:16:26+00:00| seen| https://t.me/ctinow/177279 2024-02-16 20:55:39+00:00| seen|...
CVE-2023-52251
An issue discovered in provectus kafka-ui 0.4.0 through 0.7.1 allows remote attackers to execute arbitrary code via the q parameter of /api/clusters/local/topics/topic/messages...
CVE-2023-52251
Kafka UI (Provectus Kafka‑UI) 0.4.0–0.7.1 is exploitable via the q parameter in /api/clusters/local/topics/{topic}/messages, allowing remote code execution through a Groovy script injection in the filterQueryType path. Impact is high (RCE). Remediation available: upgrade to Kafka UI 0.7.2 or late...
Exploit for Code Injection in Provectus Ui
CVE-2023-52251-POC There is a Remote Code Execution vulnerabi...