admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-06-20 09:50:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update GobyVuls-Document.md

Browse Source
This commit is contained in:
Goby 2024-03-15 19:57:26 +08:00 committed by GitHub
parent 88548662ee
commit 8c776ef00f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 16 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
GobyVuls-Document.md
View File

@ -1,7 +1,22 @@
# Goby History Update Vulnerability Total Document (Continuously Update)
The following content is an updated vulnerability from Goby. Some of the vulnerabilities are recorded on the screen for easy viewing.
**Updated document date: March 1, 2024**
**Updated document date: March 15, 2024**
## Apache Kafka Connect remote code execution vulnerability (CVE-2023-25194)
| **Vulnerability** | Apache Kafka Connect remote code execution vulnerability (CVE-2023-25194) |
| :----: | :-----|
| **Chinese name** | Apache Druid Kafka Connect 远程代码执行漏洞CVE-2023-25194 |
| **CVSS core** | 8.8 |
| **FOFA Query** (click to view the results directly)| [app="APACHE-Druid"](https://en.fofa.info/result?qbase64=Ym9keT0iQXBhY2hlIERydWlkIGNvbnNvbGUiIHx8IHRpdGxlPSJBcGFjaGUgRHJ1aWQiIHx8IGhlYWRlcj0idW5pZmllZC1jb25zb2xlLmh0bWwiIHx8IGJhbm5lcj0idW5pZmllZC1jb25zb2xlLmh0bWwi)|
| **Number of assets affected** |2935 |
| **Description** | Apache Druid is an open source distributed data storage and analysis system. It is designed to handle large-scale real-time data and provide fast interactive query and analysis.Apache Druid uses the vulnerable Kafka Connect. An attacker can access the Kafka Connect Worker and create or modify the connector by setting the sasl.jaas.config attribute to a malicious class, which can lead to a JNDI injection vulnerability. This vulnerability can be used Execute code arbitrarily on the server side, write backdoors, obtain server permissions, and then control the entire web server. |
| **Impact** | Apache Druid uses the vulnerable Kafka Connect. An attacker can access the Kafka Connect Worker and create or modify the connector by setting the sasl.jaas.config attribute to a malicious class, which can lead to a JNDI injection vulnerability. This vulnerability can be used Execute code arbitrarily on the server side, write backdoors, obtain server permissions, and then control the entire web server. |
![](https://s3.bmp.ovh/imgs/2024/03/15/7a1efed457cb487c.gif).
## ComfyUI follow_symlinks File Read Vulnerability (CVE-2024-23334)