From 0d1a45539ec7a94d61047b7731fb372c2d8b5f17 Mon Sep 17 00:00:00 2001 From: Goby <50955360+gobysec@users.noreply.github.com> Date: Thu, 29 Feb 2024 17:38:49 +0800 Subject: [PATCH] Create kafka-ui_messages_remote_code_execution_vulnerability_(CVE-2023-52251).md --- ...code_execution_vulnerability_(CVE-2023-52251).md | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 kafka-ui_messages_remote_code_execution_vulnerability_(CVE-2023-52251).md diff --git a/kafka-ui_messages_remote_code_execution_vulnerability_(CVE-2023-52251).md b/kafka-ui_messages_remote_code_execution_vulnerability_(CVE-2023-52251).md new file mode 100644 index 0000000..0d0ba69 --- /dev/null +++ b/kafka-ui_messages_remote_code_execution_vulnerability_(CVE-2023-52251).md 
@@ -0,0 +1,13 @@ +## kafka-ui messages remote code execution vulnerability (CVE-2023-52251) + +| **Vulnerability** | kafka-ui messages remote code execution vulnerability (CVE-2023-52251) | +| :----: | :-----| +| **Chinese name** | kafka-ui messages 远程代码执行漏洞(CVE-2023-52251) | +| **CVSS core** | 8.8 | +| **FOFA Query** (click to view the results directly)| [ app="kafka-ui"](https://en.fofa.info/result?qbase64=Ym9keT0iZm9udHMvUm9ib3RvTW9uby1SZWd1bGFyLnR0ZiIgfHwgYm9keT0iL2ZvbnRzL1JvYm90b01vbm8tTWVkaXVtLnR0ZiIgfHwgYm9keT0iVUkgZm9yIEFwYWNoZSBLYWZrYSI%3D)| +| **Number of assets affected** | 6503 | +| **Description** | The kafka-ui project is developed and maintained by Provectus Company and aims to provide Kafka users with a visual management tool to simplify the management and monitoring tasks of Kafka clusters.kafka-ui has a remote code execution vulnerability in the q parameter of /api/clusters/local/topics/{topic}/messages. An attacker can use this vulnerability to execute arbitrary code on the server side, write a backdoor, obtain server permissions, and then Control the entire web server. | +| **Impact** | kafka-ui has a remote code execution vulnerability in the q parameter of /api/clusters/local/topics/{topic}/messages. An attacker can use this vulnerability to execute arbitrary code on the server side, write a backdoor, obtain server permissions, and then Control the entire web server. | + +![](https://s3.bmp.ovh/imgs/2024/02/29/fb6a40c3ef8c3953.gif). +
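Review bot: The **Description** and **Impact** rows repeat the same two sentences about the `q` parameter, and the table has no row for affected versions, fixed version or mitigation, so a reader cannot tell from this file whether a given kafka-ui deployment is exposed or what to do about it. I would keep the product background and the vulnerable endpoint in **Description**, keep only the consequence in **Impact**, and add rows for the affected and fixed versions and the recommended remediation. Smaller points in the same hunk: `CVSS core` looks like a typo for `CVSS score`; `Kafka clusters.kafka-ui has` is missing a space after the full stop; `and then Control the entire web server` has a stray capital; the path `/api/clusters/local/topics/{topic}/messages` hardcodes `local` as the cluster segment while `{topic}` is templated, so if the cluster name is deployment-specific it should be templated as well; the `Number of assets affected` figure has no date attached; and the image line has empty alt text and a trailing `.` after the closing parenthesis.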