Security News > 2024 > August > Mirai Botnet targeting OFBiz Servers Vulnerable to Directory Traversal
The SANS Internet Storm Center published a report showing how the open-source ERP framework OFBiz is currently the target of new varieties of the Mirai botnet.
The update fixed a directory traversal vulnerability that could lead to remote command execution.
CISA pointed out that they are currently tracking 55 directory traversal vulnerabilities as part of the "Known Exploited Vulnerabilities" catalog.
For OFBiz, the directory traversal is easily triggered by inserting a semicolon.
This weekend, these sensors detected a significant increase in attempts to exploit CVE-2024-32213, the OFBiz mentioned above directory traversal vulnerability, which was immediately picked up by the "First Seen" report.
With the vulnerability announcement in May, we have been waiting for some scans to take advantage of the OFBiz vulnerability.
News URL
https://thehackernews.com/2024/08/mirai-botnet-targeting-ofbiz-servers.html
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-01 | CVE-2024-32213 | The LoMag WareHouse Management application version 1.0.20.120 and older were found to allow weak passwords. | 0.0 |