Critical Apache OFBiz Flaw Allows Hackers to Execute Code Remotely

News section: Hacking
Source: blackhatethicalhacking.com

Apache has addressed a critical remote code execution (RCE) vulnerability in its open-source OFBiz (Open For Business) software, a suite of enterprise business applications used for customer relationship management (CRM) and enterprise resource planning (ERP). The flaw, tracked as CVE-2024-45195, allows unauthenticated attackers to execute arbitrary code on Linux and Windows servers running OFBiz.

About the Vulnerability

Discovered by Rapid7 security researchers, the vulnerability stems from a forced-browsing weakness: restricted paths can be reached by direct, unauthenticated requests. An attacker can therefore bypass the application's access controls, reach views that should require a login, and from there achieve remote code execution.

“An attacker with no valid credentials can exploit missing view authorization checks in the web application to execute arbitrary code on the server,” security researcher Ryan Emmons explained. The report also includes proof-of-concept (PoC) exploit code demonstrating the vulnerability.

Patch and Recommendation

The Apache security team has patched the vulnerability in version 18.12.16 by adding the missing authorization checks. OFBiz users are strongly advised to update to that release: because this flaw bypasses the fixes shipped for the three earlier CVEs with the same root cause, an installation that only carries those earlier patches should still be treated as exposed.

Bypass of Previous Patches

CVE-2024-45195 is a bypass of the fixes for three previously patched vulnerabilities, tracked as CVE-2024-32113, CVE-2024-36104, and CVE-2024-38856. All four flaws share a common root cause: a controller-view map fragmentation issue, where the controller decides whether a request is authorized using one part of the request but decides which view to render using another, which attackers can exploit to achieve remote code execution without authentication.

Security researcher Ryan Emmons emphasized that the latest vulnerability shows the underlying issue persisted despite the previous patches. Attackers can execute code or SQL queries through these flaws, posing a significant risk to unpatched systems.
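The bug class the two passages above describe, authorization keyed on one part of the request and view resolution keyed on another, as a toy controller in Python. This is an added illustration and not Apache OFBiz code: the request names, view names, path layout and both maps are invented for the example; only the shape of the bug (the vulnerable dispatcher) and of the fix (authorize the view that is actually rendered) follow the article's description.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

# Constructed request map (hypothetical names, not OFBiz's):
# request name -> (login required?, default view)
REQUEST_MAP = {
    "forgotPassword": (False, "PasswordReset"),
    "adminConsole": (True, "AdminConsole"),
}

# Constructed view map: view name -> login required to render it?
VIEW_MAP = {
    "PasswordReset": False,
    "AdminConsole": True,
}


@dataclass(frozen=True)
class Request:
    path: str        # e.g. "/control/forgotPassword" (invented layout)
    logged_in: bool


def split_path(path: str) -> Tuple[Optional[str], Optional[str]]:
    """Return (request_name, view_override) for /control/<request>[/<view>]."""
    parts = [p for p in path.split("/") if p]
    if len(parts) < 2 or parts[0] != "control":
        return None, None
    request_name = parts[1]
    view_override = parts[2] if len(parts) > 2 else None
    return request_name, view_override


def dispatch_vulnerable(req: Request) -> Tuple[int, Optional[str]]:
    """Fragmented check: authorization is keyed on the request name,
    but the view that gets rendered is taken from a separate path segment."""
    request_name, view_override = split_path(req.path)
    if request_name not in REQUEST_MAP:
        return 404, None
    login_required, default_view = REQUEST_MAP[request_name]
    if login_required and not req.logged_in:
        return 403, None
    # BUG: the override is honoured without consulting VIEW_MAP, so a
    # public request can be used to render a privileged view unauthenticated.
    view = view_override or default_view
    if view not in VIEW_MAP:
        return 404, None
    return 200, view


def dispatch_fixed(req: Request) -> Tuple[int, Optional[str]]:
    """Resolve the view first, then authorize both the request and the view."""
    request_name, view_override = split_path(req.path)
    if request_name not in REQUEST_MAP:
        return 404, None
    login_required, default_view = REQUEST_MAP[request_name]
    view = view_override or default_view
    if view not in VIEW_MAP:
        return 404, None
    # The check now covers what is actually rendered, not just the entry point.
    if (login_required or VIEW_MAP[view]) and not req.logged_in:
        return 403, None
    return 200, view


if __name__ == "__main__":
    probe = Request("/control/forgotPassword/AdminConsole", logged_in=False)
    print("vulnerable:", dispatch_vulnerable(probe))  # privileged view served
    print("fixed:     ", dispatch_fixed(probe))       # rejected
```

The vulnerable dispatcher passes the anonymous request because `forgotPassword` is public, then renders whatever view the trailing segment names. The fixed dispatcher makes the same decision on the resolved view, which is the property a review of a controller like this should check: every path that ends in a rendered view must pass through the same authorization decision as that view's own request entry.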

Active Exploits and CISA Warnings

In August 2024, the Cybersecurity and Infrastructure Security Agency (CISA) warned that CVE-2024-32113 was being actively exploited in attacks. The agency added it to its Known Exploited Vulnerabilities catalog, which requires federal agencies to patch their systems within a set timeframe under Binding Operational Directive 22-01 (BOD 22-01).

Although this mandate specifically applies to Federal Civilian Executive Branch (FCEB) agencies, CISA strongly recommends that all organizations prioritize patching these vulnerabilities to protect their networks from potential attacks.

Attackers have also exploited previous OFBiz RCE vulnerabilities, such as CVE-2023-49070, using publicly available proof-of-concept exploits.

Source: bleepingcomputer.com

The post Critical Apache OFBiz Flaw Allows Hackers to Execute Code Remotely first appeared on Black Hat Ethical Hacking.