banner
lca

lca

真正的不自由,是在自己的心中设下牢笼。
HomeArchives图文

Apache RocketMQ Code Injection Vulnerability Reproduction (CVE-2023-33246)

#漏洞复现783
AI Translation
This post is translated from Chinese into English through AI.View Original
AI-generated summary
Apache RocketMQ is a lightweight data processing platform and messaging engine developed by the Apache Foundation. It has a code injection vulnerability in versions 5.1.0 and earlier, which allows remote command execution. Attackers can exploit this vulnerability to execute commands as a system user. The official patch for this vulnerability is available for download.

Product Introduction#

Apache RocketMQ is a lightweight data processing platform and message delivery engine from the Apache Foundation.

Vulnerability Overview#

Apache RocketMQ versions 5.1.0 and earlier have a code injection vulnerability. This vulnerability is due to a remote command execution vulnerability, which allows attackers to execute commands as system users by exploiting the update configuration function.

Impact Scope#

<5.1.0

Vulnerability Reproduction#

Environment setup:

image

Check for vulnerability using the script

image

Reverse shell

image

nc listens on 1234

image

Recommended Fixes#

Official patches have been released. Official patch download link: https://lists.apache.org/thread/1s8j2c8kogthtpv3060yddk03zq0pxyp

References#

GitHub - I5N0rth/CVE-2023-33246

GitHub - SuperZero/CVE-2023-33246: Apache RocketMQ Remote Code Execution Vulnerability (CVE-2023-33246) Exploit

GitHub - Le1a/CVE-2023-33246: Apache RocketMQ Remote Code Execution Vulnerability (CVE-2023-33246) Exploit

GitHub - Malayke/CVE-2023-33246_RocketMQ_RCE_EXPLOIT: CVE-2023-33246 RocketMQ RCE Detect By Version and Exploit

Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.