Security News > 2023 > November > 3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online
Over three thousand internet-exposed Apache ActiveMQ servers are vulnerable to a recently disclosed critical remote code execution vulnerability.
Apache ActiveMQ is a scalable open-source message broker that fosters communication between clients and servers, supporting Java and various cross-language clients and many protocols, including AMQP, MQTT, OpenWire, and STOMP. Thanks to the project's support for a diverse set of secure authentication and authorization mechanisms, it is widely used in enterprise environments where systems communicate without direct connectivity.
Researchers from threat monitoring service ShadowServer found 7,249 servers accessible with ActiveMQ services.
Of those, 3,329 were found to run an ActiveMQ version vulnerable to CVE-2023-4660, with all of these servers vulnerable to remote code execution.
Millions of Exim mail servers exposed to zero-day RCE attacks.
Thousands of Juniper devices vulnerable to unauthenticated RCE flaw.
News URL
Related news
- Over 50,000 Tinyproxy servers vulnerable to critical RCE flaw (source)
- New attack leaks VPN traffic using rogue DHCP servers (source)
- MS Exchange Server Flaws Exploited to Deploy Keylogger in Targeted Attacks (source)
- Three-year-old Apache Flink flaw under active attack (source)
- Oracle WebLogic Server OS Command Injection Flaw Under Active Attack (source)
- Muhstik Botnet Exploiting Apache RocketMQ Flaw to Expand DDoS Attacks (source)
- POC exploit code published for 9.8-rated Apache HugeGraph RCE flaw (source)
- TellYouThePass ransomware exploits recent PHP RCE flaw to breach servers (source)
- Critical RCE flaws in vCenter Server fixed (CVE-2024-37079, CVE-2024-37080) (source)
- Week in review: CDK Global cyberattack, critical vCenter Server RCE fixed (source)