Mirai Botnet targeting OFBiz Servers Vulnerable to Directory Traversal
2024-08-02 10:52

The SANS Internet Storm Center published a report showing how the open-source ERP framework OFBiz is currently the target of new varieties of the Mirai botnet.

The update fixed a directory traversal vulnerability that could lead to remote command execution.

CISA pointed out that they are currently tracking 55 directory traversal vulnerabilities as part of the "Known Exploited Vulnerabilities" catalog.

For OFBiz, the directory traversal is easily triggered by inserting a semicolon.

This weekend, these sensors detected a significant increase in attempts to exploit CVE-2024-32213, the OFBiz directory traversal vulnerability mentioned above, which was immediately picked up by the "First Seen" report.

With the vulnerability announcement in May, we have been waiting for some scans to take advantage of the OFBiz vulnerability.


News URL

https://thehackernews.com/2024/08/mirai-botnet-targeting-ofbiz-servers.html