by @jakaba
26 Feb 2024

RocketMQ RCE (CVE-2023-33246)

by @jakaba
26 Feb 2024

RocketMQ RCE (CVE-2023-33246)

CVEs

9.8 Critical Severity

Apps

R
RocketmqApache
4.9.7.*
4.9.5.*
4.9.6.*
4.9.4.*
4.9.3.*
4.9.2.*
5.1.2.*
4.7.1.*
4.6.1.*
5.3.0.*

Screenshots from the blog posts

images/clt1dx8cv8ddx1hn04r7h0vzl.pngimages/clt1dx8cv8ddx1hn04r7h0vzl.png

Summary

A critical remote code execution (RCE) vulnerability, CVE-2023-33246, was identified in Apache RocketMQ versions 5.1.0 and below. This vulnerability allows attackers to execute arbitrary commands as the system user running the application, posing a significant risk to affected systems. The exploit has been actively leveraged by threat actors, leading to the deployment of the DreamBus botnet.

Description

users/photos/clj8b3h1k16g10uoihwvzgsxi.png

@jakaba

74 posts

Total vcoins

64.3K

Social media links

Comments (0)