admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-30 18:20:53 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2023/CVE-2023-49070.md
0xMarcio 4edef1e4c8 Update CVE sources 2024-05-28 08:49
2024-05-28 08:49:17 +00:00

46 lines
2.1 KiB
Markdown
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

### [CVE-2023-49070](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49070)
![](https://img.shields.io/static/v1?label=Product&message=Apache%20OFBiz&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-94%20Improper%20Control%20of%20Generation%20of%20Code%20('Code%20Injection')&color=brighgreen)
### Description
Pre-auth RCE in Apache Ofbiz 18.12.09.It's due to XML-RPC no longer maintained still present.This issue affects Apache OFBiz: before 18.12.10. Users are recommended to upgrade to version 18.12.10
### POC
#### Reference
- http://packetstormsecurity.com/files/176323/Apache-OFBiz-18.12.09-Remote-Code-Execution.html
#### Github
- https://github.com/0xrobiul/CVE-2023-49070
- https://github.com/0xsyr0/OSCP
- https://github.com/Chocapikk/CVE-2023-51467
- https://github.com/D0g3-8Bit/OFBiz-Attack
- https://github.com/Jake123otte1/BadBizness-CVE-2023-51467
- https://github.com/Marco-zcl/POC
- https://github.com/Ostorlab/KEV
- https://github.com/Praison001/Apache-OFBiz-Auth-Bypass-and-RCE-Exploit-CVE-2023-49070-CVE-2023-51467
- https://github.com/Rishi-45/Bizness-Machine-htb
- https://github.com/SrcVme50/Bizness
- https://github.com/Threekiii/Awesome-POC
- https://github.com/Threekiii/CVE
- https://github.com/Threekiii/Vulhub-Reproduce
- https://github.com/UserConnecting/Exploit-CVE-2023-49070-and-CVE-2023-51467-Apache-OFBiz
- https://github.com/Y4tacker/JavaSec
- https://github.com/abdoghazy2015/ofbiz-CVE-2023-49070-RCE-POC
- https://github.com/bakery312/Vulhub-Reproduce
- https://github.com/bruce120/Apache-OFBiz-Authentication-Bypass
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/jakabakos/Apache-OFBiz-Authentication-Bypass
- https://github.com/mintoolkit/mint
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/slimtoolkit/slim
- https://github.com/tanjiti/sec_profile
- https://github.com/txuswashere/OSCP
- https://github.com/wjlin0/poc-doc
- https://github.com/wy876/POC
- https://github.com/xingchennb/POC-
- https://github.com/yukselberkay/CVE-2023-49070_CVE-2023-51467
Reference in New Issue View Git Blame Copy Permalink