Security News > 2023 > November > 3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online
Over three thousand internet-exposed Apache ActiveMQ servers are vulnerable to a recently disclosed critical remote code execution vulnerability.
Apache ActiveMQ is a scalable open-source message broker that fosters communication between clients and servers, supporting Java and various cross-language clients and many protocols, including AMQP, MQTT, OpenWire, and STOMP. Thanks to the project's support for a diverse set of secure authentication and authorization mechanisms, it is widely used in enterprise environments where systems communicate without direct connectivity.
Researchers from threat monitoring service ShadowServer found 7,249 servers accessible with ActiveMQ services.
Of those, 3,329 were found to run an ActiveMQ version vulnerable to CVE-2023-4660, with all of these servers vulnerable to remote code execution.
Millions of Exim mail servers exposed to zero-day RCE attacks.
Thousands of Juniper devices vulnerable to unauthenticated RCE flaw.
News URL
Related news
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks (source)
- Over 660,000 Rsync servers exposed to code execution attacks (source)
- SonicWall warns of SMA1000 RCE flaw exploited in zero-day attacks (source)
- Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits (source)
- CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks (source)
- Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- New OpenSSH flaws expose SSH servers to MiTM and DoS attacks (source)
- Online crime-as-a-service skyrockets with 24,000 users selling attack tools (source)