admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-06 02:31:35 +00:00
Code Issues Packages Projects Releases Wiki Activity
GobyVuls/CVE-2023-33246.md
Goby c3617e1e77
Create CVE-2023-33246.md 
CVE-2023-33246
2023-06-16 21:28:17 +08:00

1.4 KiB
Raw Permalink Blame History

RocketMQ Broker rocketmqHome Config Remote Command Execution Vulnerability (CVE-2023-33246)

Vulnerability RocketMQ Broker rocketmqHome Config Remote Command Execution Vulnerability (CVE-2023-33246)
Chinese name RocketMQ Broker rocketmqHome Config 远程命令执行漏洞CVE-2023-33246
CVSS core 9.8
FOFA Query (click to view the results directly) protocol="rocketmq-broker"
Number of assets affected 10087
Description Apache RocketMQ is a lightweight data processing platform and messaging engine developed by the Apache Software Foundation in the United States. There is a code injection vulnerability in Apache RocketMQ 5.1.0 and earlier versions, which originates from a remote command execution vulnerability. Attackers can exploit this vulnerability to execute commands with system user privileges using the update configuration function.
Impact There is a code injection vulnerability in Apache RocketMQ 5.1.0 and earlier versions, which originates from a remote command execution vulnerability. Attackers can exploit this vulnerability to execute commands with system user privileges using the update configuration function.