Security News > 2023 > December > Apache OFBiz RCE flaw exploited to find vulnerable Confluence servers

Apache OFBiz RCE flaw exploited to find vulnerable Confluence servers
2023-12-28 16:20

A critical Apache OFBiz pre-authentication remote code execution vulnerability is being actively exploited using public proof of concept exploits.

Online URL. The researchers further said those scanning vulnerable servers are particularly interested in finding vulnerable Confluence servers.

To minimize the risk, users of Apache OFBiz are recommended to upgrade to version 18.12.11 as soon as possible.

HelloKitty ransomware now exploiting Apache ActiveMQ flaw in attacks.

Hackers are exploiting critical Apache Struts flaw using public PoC. Sophos backports RCE fix after attacks on unsupported firewalls.

3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online.


News URL

https://www.bleepingcomputer.com/news/security/apache-ofbiz-rce-flaw-exploited-to-find-vulnerable-confluence-servers/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apache 281 13 549 713 367 1642