Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdtJacques Leroux1337DAY-ID-39211
HistoryDec 29, 2023 - 12:00 a.m.

Apache OFBiz 18.12.09 Remote Code Execution Exploit

2023-12-2900:00:00
Jacques Leroux
0day.today
172
apache ofbiz
remote code execution
xml-rpc
security vulnerability
update
cve-2023-49070

10 High

AI Score

Confidence

High

0.794 High

EPSS

Percentile

98.3%

JSON

Apache OFBiz version 18.12.09 suffers from a pre-authentication remote code execution vulnerability.

From: Jacques Le Roux <jleroux () apache org>
Date: Mon, 04 Dec 2023 21:04:50 +0000

Severity: moderate

Affected versions:

- Apache OFBiz before 18.12.10

Description:

Pre-auth RCE in Apache Ofbiz 18.12.09.

It's due to XML-RPC no longer maintained still present.
This issue affects Apache OFBiz: before 18.12.10. 
Users are recommended to upgrade to version 18.12.10

This issue is being tracked as OFBIZ-12812 

Credit:

Siebene@ (finder)

References:

https://ofbiz.apache.org/download.html
https://ofbiz.apache.org/security.html
https://ofbiz.apache.org/release-notes-18.12.10.html
https://ofbiz.apache.org/
https://www.cve.org/CVERecord?id=CVE-2023-49070
https://issues.apache.org/jira/browse/OFBIZ-12812


-----
Packet Storm Note
Below is the proof of concept circulating on twitter:

#POC: 
/webtools/control/xmlrpc;/?USERNAME=&PASSWORD=s&requirePasswordChange=Y

Related

githubexploit 2
nuclei 1
cvelist 1
prion 1
cve 1
packetstorm 1
impervablog 1
thn 2
metasploit 1
attackerkb 1
githubexploit
githubexploit
Exploit for Code Injection in Apache Ofbiz
2023-12-14 09:32:41
Exploit for Code Injection in Apache Ofbiz
2023-12-17 22:56:10
nuclei
nuclei
Apache OFBiz < 18.12.10 - Arbitrary Code Execution
2023-12-06 05:56:13
cvelist
cvelist
CVE-2023-49070 Pre-auth RCE in Apache Ofbiz 18.12.09 due to XML-RPC still present
2023-12-05 08:05:06
prion
prion
Code injection
2023-12-05 08:15:00
cve
cve
CVE-2023-49070
2023-12-05 08:15:07
packetstorm
packetstorm
Apache OFBiz 18.12.09 Remote Code Execution
2023-12-29 00:00:00
impervablog
impervablog
Imperva defends customers against recent vulnerabilities in Apache OFBiz
2023-12-29 19:48:20
thn
thn
Critical Zero-Day in Apache OfBiz ERP System Exposes Businesses to Attack
2023-12-27 15:39:00
New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems
2024-01-11 14:16:00
metasploit
metasploit
Apache OFBiz XML-RPC Java Deserialization
2021-03-11 18:09:29
attackerkb
attackerkb
CVE-2023-49070
2023-12-05 00:00:00

10 High

AI Score

Confidence

High

0.794 High

EPSS

Percentile

98.3%

JSON
Related for 1337DAY-ID-39211
githubexploit2nuclei1cvelist1prion1cve1packetstorm1impervablog1thn2metasploit1attackerkb1