Security News > 2024 > January > New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems
2024-01-11 14:16
Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning (ERP) system to execute a memory-resident payload. The vulnerability in question is CVE-2023-51467 (CVSS score: 9.8), a bypass for another severe shortcoming in the same software (
News URL
https://thehackernews.com/2024/01/new-poc-exploit-for-apache-ofbiz.html
Related news
- CISA Warns of Active Exploits Targeting Trimble Cityworks Vulnerability (source)
- Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability (source)
- SonicWall firewall bug leveraged in attacks after PoC exploit release (source)
- PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159) (source)
- MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Targets Over 6,000 Devices (source)
- Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure (source)
- Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk? (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-26 | CVE-2023-51467 | Server-Side Request Forgery (SSRF) vulnerability in Apache Ofbiz The vulnerability permits attackers to circumvent authentication processes, enabling them to remotely execute arbitrary code | 9.8 |