cve/2023/CVE-2023-51467.md

### [CVE-2023-51467](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51467)
![](https://img.shields.io/static/v1?label=Product&message=Apache%20OFBiz&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=0%3C%2018.12.11%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Pre-authentication%20Remote%20Code%20Execution%20(RCE)%20vulnerability&color=brighgreen)

### Description

The vulnerability permits attackers to circumvent authentication processes, enabling them to remotely execute arbitrary code

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/0x7ax/Bizness
- https://github.com/0xsyr0/OSCP
- https://github.com/20142995/sectool
- https://github.com/Chocapikk/CVE-2023-51467
- https://github.com/D0g3-8Bit/OFBiz-Attack
- https://github.com/Drun1baby/JavaSecurityLearning
- https://github.com/Jake123otte1/BadBizness-CVE-2023-51467
- https://github.com/JaneMandy/CVE-2023-51467
- https://github.com/JaneMandy/CVE-2023-51467-Exploit
- https://github.com/K3ysTr0K3R/CVE-2023-51467-EXPLOIT
- https://github.com/K3ysTr0K3R/K3ysTr0K3R
- https://github.com/Marco-zcl/POC
- https://github.com/Ostorlab/KEV
- https://github.com/Praison001/Apache-OFBiz-Auth-Bypass-and-RCE-Exploit-CVE-2023-49070-CVE-2023-51467
- https://github.com/Rishi-45/Bizness-Machine-htb
- https://github.com/SenukDias/OSCP_cheat
- https://github.com/Subha-BOO7/Exploit_CVE-2023-51467
- https://github.com/Threekiii/Awesome-POC
- https://github.com/Threekiii/CVE
- https://github.com/Threekiii/Vulhub-Reproduce
- https://github.com/Tropinene/Yscanner
- https://github.com/UserConnecting/Exploit-CVE-2023-49070-and-CVE-2023-51467-Apache-OFBiz
- https://github.com/Y4tacker/JavaSec
- https://github.com/bakery312/Vulhub-Reproduce
- https://github.com/basicinfosecurity/exploits
- https://github.com/bruce120/Apache-OFBiz-Authentication-Bypass
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/jakabakos/Apache-OFBiz-Authentication-Bypass
- https://github.com/murayr/Bizness
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/securelayer7/CVE-Analysis
- https://github.com/tanjiti/sec_profile
- https://github.com/tw0point/BadBizness-CVE-2023-51467
- https://github.com/txuswashere/OSCP
- https://github.com/vulncheck-oss/cve-2023-51467
- https://github.com/vulncheck-oss/go-exploit
- https://github.com/wjlin0/poc-doc
- https://github.com/wy876/POC
- https://github.com/xingchennb/POC-
- https://github.com/yukselberkay/CVE-2023-49070_CVE-2023-51467
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2023-51467](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51467)`
			`![](https://img.shields.io/static/v1?label=Product&message=Apache%20OFBiz&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=0%3C%2018.12.11%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Pre-authentication%20Remote%20Code%20Execution%20(RCE)%20vulnerability&color=brighgreen)`

			`### Description`

			`The vulnerability permits attackers to circumvent authentication processes, enabling them to remotely execute arbitrary code`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/0x7ax/Bizness`
			`- https://github.com/0xsyr0/OSCP`
			`- https://github.com/20142995/sectool`
			`- https://github.com/Chocapikk/CVE-2023-51467`
			`- https://github.com/D0g3-8Bit/OFBiz-Attack`
Update CVE sources 2024-05-28 08:49 2024-05-28 08:49:17 +00:00			`- https://github.com/Drun1baby/JavaSecurityLearning`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/Jake123otte1/BadBizness-CVE-2023-51467`
			`- https://github.com/JaneMandy/CVE-2023-51467`
			`- https://github.com/JaneMandy/CVE-2023-51467-Exploit`
			`- https://github.com/K3ysTr0K3R/CVE-2023-51467-EXPLOIT`
Update CVE sources 2024-05-28 08:49 2024-05-28 08:49:17 +00:00			`- https://github.com/K3ysTr0K3R/K3ysTr0K3R`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/Marco-zcl/POC`
			`- https://github.com/Ostorlab/KEV`
			`- https://github.com/Praison001/Apache-OFBiz-Auth-Bypass-and-RCE-Exploit-CVE-2023-49070-CVE-2023-51467`
			`- https://github.com/Rishi-45/Bizness-Machine-htb`
Update CVE sources 2024-08-05 18:41 2024-08-05 18:41:32 +00:00			`- https://github.com/SenukDias/OSCP_cheat`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/Subha-BOO7/Exploit_CVE-2023-51467`
Update CVE sources 2024-05-28 08:49 2024-05-28 08:49:17 +00:00			`- https://github.com/Threekiii/Awesome-POC`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/Threekiii/CVE`
			`- https://github.com/Threekiii/Vulhub-Reproduce`
			`- https://github.com/Tropinene/Yscanner`
			`- https://github.com/UserConnecting/Exploit-CVE-2023-49070-and-CVE-2023-51467-Apache-OFBiz`
			`- https://github.com/Y4tacker/JavaSec`
			`- https://github.com/bakery312/Vulhub-Reproduce`
Update CVE sources 2024-05-28 08:49 2024-05-28 08:49:17 +00:00			`- https://github.com/basicinfosecurity/exploits`
			`- https://github.com/bruce120/Apache-OFBiz-Authentication-Bypass`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/d4n-sec/d4n-sec.github.io`
			`- https://github.com/jakabakos/Apache-OFBiz-Authentication-Bypass`
Update CVE sources 2024-05-28 08:49 2024-05-28 08:49:17 +00:00			`- https://github.com/murayr/Bizness`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/nomi-sec/PoC-in-GitHub`
Update CVE sources 2024-08-17 18:41 2024-08-17 18:41:15 +00:00			`- https://github.com/securelayer7/CVE-Analysis`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/tanjiti/sec_profile`
Update CVE sources 2024-06-10 07:22 2024-06-10 07:22:43 +00:00			`- https://github.com/tw0point/BadBizness-CVE-2023-51467`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/txuswashere/OSCP`
			`- https://github.com/vulncheck-oss/cve-2023-51467`
			`- https://github.com/vulncheck-oss/go-exploit`
Update CVE sources 2024-05-28 08:49 2024-05-28 08:49:17 +00:00			`- https://github.com/wjlin0/poc-doc`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/wy876/POC`
			`- https://github.com/xingchennb/POC-`
			`- https://github.com/yukselberkay/CVE-2023-49070_CVE-2023-51467`