一、 漏洞 CVE-2023-33246 基础信息
漏洞标题
Apache RocketMQ:在使用更新配置功能时可能存在远程代码执行漏洞
来源:AIGC 神龙大模型
漏洞描述信息
Apache RocketMQ:使用更新配置功能时可能存在远程代码执行漏洞
来源:AIGC 神龙大模型
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
来源:AIGC 神龙大模型
漏洞类别
危险类型文件的不加限制上传
来源:AIGC 神龙大模型
漏洞标题
Apache RocketMQ: Possible remote code execution vulnerability when using the update configuration function
来源:美国国家漏洞数据库 NVD
漏洞描述信息
For RocketMQ versions 5.1.0 and below, under certain conditions, there is a risk of remote command execution.  Several components of RocketMQ, including NameServer, Broker, and Controller, are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function to execute commands as the system users that RocketMQ is running as. Additionally, an attacker can achieve the same effect by forging the RocketMQ protocol content.  To prevent these attacks, users are recommended to upgrade to version 5.1.1 or above for using RocketMQ 5.x or 4.9.6 or above for using RocketMQ 4.x .
来源:美国国家漏洞数据库 NVD
CVSS信息
N/A
来源:美国国家漏洞数据库 NVD
漏洞类别
对生成代码的控制不恰当(代码注入)
来源:美国国家漏洞数据库 NVD
漏洞标题
Apache RocketMQ 代码注入漏洞
来源:中国国家信息安全漏洞库 CNNVD
漏洞描述信息
Apache RocketMQ是美国阿帕奇(Apache)基金会的一款轻量级的数据处理平台和消息传递引擎。 Apache RocketMQ 5.1.0及之前版本存在代码注入漏洞,该漏洞源于存在远程命令执行漏洞,攻击者可以利用该漏洞利用更新配置功能以系统用户身份执行命令。
来源:中国国家信息安全漏洞库 CNNVD
CVSS信息
N/A
来源:中国国家信息安全漏洞库 CNNVD
漏洞类别
代码注入
来源:中国国家信息安全漏洞库 CNNVD
二、漏洞 CVE-2023-33246 的公开POC
# POC 描述 源链接 神龙链接
1 None https://github.com/I5N0rth/CVE-2023-33246 POC详情
2 None https://github.com/yizhimanpadewoniu/CVE-2023-33246-Copy POC详情
3 Apache RocketMQ 远程代码执行漏洞(CVE-2023-33246) Exploit https://github.com/Le1a/CVE-2023-33246 POC详情
4 Apache RocketMQ 远程代码执行漏洞(CVE-2023-33246) Exploit https://github.com/SuperZero/CVE-2023-33246 POC详情
5 CVE-2023-33246 RocketMQ RCE Detect By Version and Exploit https://github.com/Malayke/CVE-2023-33246_RocketMQ_RCE_EXPLOIT POC详情
6 CVE-2023-33246:Apache RocketMQ 远程命令执行漏洞检测工具 https://github.com/CKevens/CVE-2023-33246 POC详情
7 RocketMQ RCE (CVE-2023-33246) woodpecker 利用插件 https://github.com/cr1me0/rocketMq_RCE POC详情
8 CVE-2023-33246 https://github.com/Devil0ll/CVE-2023-33246 POC详情
9 CVE-2023-33246 POC https://github.com/d0rb/CVE-2023-33246 POC详情
10 A tool to fetch the RocketMQ broker configuration in order to discover indicators of compromise for CVE-2023-33246 https://github.com/vulncheck-oss/fetch-broker-conf POC详情
11 CVE-2023-33246 - Apache RocketMQ config RCE https://github.com/0xKayala/CVE-2023-33246 POC详情
12 None https://github.com/MkJos/CVE-2023-33246_RocketMQ_RCE_EXP POC详情
13 None https://github.com/hanch7274/CVE-2023-33246 POC详情
14 CVE-2023-33246:Apache RocketMQ 远程命令执行漏洞检测工具 https://github.com/3yujw7njai/CVE-2023-33246 POC详情
15 None https://github.com/PavilionQ/CVE-2023-33246-mitigation POC详情
16 None https://github.com/4mazing/CVE-2023-33246-Copy POC详情
17 None https://github.com/Sumitpathania03/Apache-RocketMQ-CVE-2023-33246- POC详情
18 CVE-2023-33246:Apache RocketMQ 远程命令执行漏洞检测工具 https://github.com/AiK1d/CVE-2023-33246 POC详情
19 For RocketMQ versions 5.1.0 and below, under certain conditions, there is a risk of remote command execution. Several components of RocketMQ, including NameServer, Broker, and Controller, are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function to execute commands as the system users that RocketMQ is running as. Additionally, an attacker can achieve the same effect by forging the RocketMQ protocol content. To prevent these attacks, users are recommended to upgrade to version 5.1.1 or above for using RocketMQ 5.x or 4.9.6 or above for using RocketMQ 4.x . https://github.com/projectdiscovery/nuclei-templates/blob/main/network/cves/2023/CVE-2023-33246.yaml POC详情
20 None https://github.com/Threekiii/Awesome-POC/blob/master/%E4%B8%AD%E9%97%B4%E4%BB%B6%E6%BC%8F%E6%B4%9E/Apache%20RocketMQ%20Broker%20%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2023-33246.md POC详情
21 https://github.com/vulhub/vulhub/blob/master/rocketmq/CVE-2023-33246/README.md POC详情
三、漏洞 CVE-2023-33246 的情报信息