Vulnerability feed

Vulnerability

CVE-2023-49070

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2023-49070
Description:: Pre-auth RCE in Apache Ofbiz 18.12.09. It's due to XML-RPC no longer maintained still present. This issue affects Apache OFBiz: before 18.12.10. Users are recommended to upgrade to version 18.12.10
Last updated date:: 12/29/2023

Reports

alt

ACTIVELY EXPLOITED

Type:: exploitation
Confidence:: HIGH
Date of publishing:: 12/29/2023
Reference url to background: https://www.bleepingcomputer.com/news/security/apache-ofbiz-rce-flaw-exploited-to-find-vulnerable-confluence-servers/

Type:: exploit
Confidence:: HIGH
Date of publishing:: 12/14/2023
Reference url to background: https://github.com/abdoghazy2015/ofbiz-CVE-2023-49070-RCE-POC

Type:: exploit
Confidence:: HIGH
Date of publishing:: 01/04/2024
Reference url to background: https://github.com/D0g3-8Bit/OFBiz-Attack

Type:: exploit
Confidence:: HIGH
Date of publishing:: 01/08/2024
Reference url to background: https://github.com/UserConnecting/Exploit-CVE-2023-49070-and-CVE-2023-51467-Apache-OFBiz

Type:: exploit
Confidence:: HIGH
Date of publishing:: 02/06/2024
Reference url to background: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/apache_ofbiz_deserialization.rb

Vulnerability Feed Contributors About Blog

@inTheWild

©2024 |