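# Apache RocketMQ: Possible remote code execution vulnerability when using the update configuration function
## Vulnerability overview
The RocketMQ NameServer component has a remote command execution vulnerability; the CVE-2023-33246 issue was not completely fixed in version 5.1.1.
## Affected versions
- RocketMQ 5.x versions below 5.1.2
- RocketMQ 4.x versions below 4.9.7
## Details
When the NameServer address is exposed to the external network and lacks permission verification, an attacker can execute commands by using the update configuration function of the NameServer component. These commands are executed as the system user that RocketMQ runs as.
## Impact
An attacker can exploit this vulnerability to execute arbitrary commands as the system user, leading to serious consequences such as system takeover or data leakage. Users are advised to upgrade to version 5.1.2 or above (RocketMQ 5.x) or 4.9.7 or above (RocketMQ 4.x) to prevent such attacks.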
| # | POC description | Source link | Shenlong link |
|---|---|---|---|
| 1 | Apache RocketMQ Arbitrary File Write Vulnerability Exploit | https://github.com/Malayke/CVE-2023-37582_EXPLOIT | POC details |
| 2 | None | https://github.com/Threekiii/Awesome-POC/blob/master/%E4%B8%AD%E9%97%B4%E4%BB%B6%E6%BC%8F%E6%B4%9E/Apache%20RocketMQ%20NameServer%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E5%86%99%E5%85%A5%E6%BC%8F%E6%B4%9E%20CVE-2023-37582.md | POC details |
| 3 | | https://github.com/vulhub/vulhub/blob/master/rocketmq/CVE-2023-37582/README.md | POC details |
| 4 | None | https://github.com/laishouchao/Apache-RocketMQ-RCE-CVE-2023-37582-poc | POC details |
| 5 | None | https://github.com/shoucheng3/apache__rocketmq_CVE-2023-37582_4-9-6 | POC details |
| 6 | The RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1. When NameServer addresses are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function on the NameServer component to execute commands as the system users that RocketMQ is running as. It is recommended for users to upgrade their NameServer version to 5.1.2 or above for RocketMQ 5.x or 4.9.7 or above for RocketMQ 4.x to prevent these attacks. | https://github.com/projectdiscovery/nuclei-templates/blob/main/network/cves/2023/CVE-2023-37582.yaml | POC details |