Security News > 2023 > December > Apache OFBiz RCE flaw exploited to find vulnerable Confluence servers
2023-12-28 16:20
A critical Apache OFBiz pre-authentication remote code execution vulnerability is being actively exploited using public proof of concept exploits.
Online URL. The researchers further said those scanning vulnerable servers are particularly interested in finding vulnerable Confluence servers.
To minimize the risk, users of Apache OFBiz are recommended to upgrade to version 18.12.11 as soon as possible.
HelloKitty ransomware now exploiting Apache ActiveMQ flaw in attacks.
Hackers are exploiting critical Apache Struts flaw using public PoC. Sophos backports RCE fix after attacks on unsupported firewalls.
3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online.
News URL
Related news
- Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks (source)
- Apache issues patches for critical Struts 2 RCE bug (source)
- New critical Apache Struts flaw exploited to find vulnerable servers (source)
- Apache fixes remote code execution bypass in Tomcat web server (source)
- Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization (source)
- Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits (source)