# Apache ActiveMQ 未限制反序列化RCE漏洞
## 漏洞概述
Java OpenWire 协议的序列化处理程序存在远程代码执行漏洞。攻击者可以通过操纵 OpenWire 协议中的序列化类类型,导致客户端或代理实例化任意类路径上的类,从而执行任意 shell 命令。
## 影响版本
- 5.15.x (低于 5.15.16)
- 5.16.x (低于 5.16.7)
- 5.17.x (低于 5.17.6)
- 5.18.x (低于 5.18.3)
## 细节
此漏洞允许具备网络访问权限的远程攻击者通过操纵 OpenWire 协议中的序列化类类型,导致 Java 基础的 OpenWire 代理或客户端实例化任意类路径上的类,进而执行任意 shell 命令。
## 影响
该漏洞可能导致远程代码执行,攻击者可以利用此漏洞通过网络直接控制或攻击使用受影响版本的 Java OpenWire 协议的客户端或代理。
## 解决方案
建议用户更新到修复该漏洞的版本:5.15.16、5.16.7、5.17.6 或 5.18.3。
| # | POC 描述 | 源链接 | 神龙链接 |
|---|---|---|---|
| 1 | ActiveMQ RCE (CVE-2023-46604) 漏洞利用工具, 基于 Go 语言 | https://github.com/X1r0z/ActiveMQ-RCE | POC详情 |
| 2 | CVE-2023-46604 | https://github.com/JaneMandy/ActiveMQ_RCE_Pro_Max | POC详情 |
| 3 | Achieving a Reverse Shell Exploit for Apache ActiveMQ (CVE_2023-46604) | https://github.com/SaumyajeetDas/CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ | POC详情 |
| 4 | None | https://github.com/evkl1d/CVE-2023-46604 | POC详情 |
| 5 | CVE-2023-46604 ActiveMQ RCE vulnerability verification/exploitation tool | https://github.com/sule01u/CVE-2023-46604 | POC详情 |
| 6 | CVE-2023-46604 Apache ActiveMQ RCE exp 基于python | https://github.com/justdoit-cai/CVE-2023-46604-Apache-ActiveMQ-RCE-exp | POC详情 |
| 7 | None | https://github.com/h3x3h0g/ActiveMQ-RCE-CVE-2023-46604-Write-up | POC详情 |
| 8 | This script leverages CVE-2023046604 (Apache ActiveMQ) to generate a pseudo shell. The vulnerability allows for remote code execution due to unsafe deserialization within the OpenWire protocol. | https://github.com/duck-sec/CVE-2023-46604-ActiveMQ-RCE-pseudoshell | POC详情 |
| 9 | POC repo for CVE-2023-46604 | https://github.com/vjayant93/CVE-2023-46604-POC | POC详情 |
| 10 | CVE-2023-46604环境复现包 | https://github.com/LiritoShawshark/CVE-2023-46604_ActiveMQ_RCE_Recurrence | POC详情 |
| 11 | None | https://github.com/NKeshawarz/CVE-2023-46604-RCE | POC详情 |
| 12 | PY | https://github.com/minhangxiaohui/ActiveMQ_CVE-2023-46604 | POC详情 |
| 13 | None | https://github.com/nitzanoligo/CVE-2023-46604-demo | POC详情 |
| 14 | Repository to exploit CVE-2023-46604 reported for ActiveMQ | https://github.com/tomasmussi-mulesoft/activemq-cve-2023-46604 | POC详情 |
| 15 | CVE-2023-46604 | https://github.com/trganda/ActiveMQ-RCE | POC详情 |
| 16 | Exploit for CVE-2023-46604 | https://github.com/mrpentst/CVE-2023-46604 | POC详情 |
| 17 | None | https://github.com/dcm2406/CVE-2023-46604 | POC详情 |
| 18 | CVE-2023-46604 - ApacheMQ Version 5.15.5 Vulnerability Machine: Broker | https://github.com/Mudoleto/Broker_ApacheMQ | POC详情 |
| 19 | None | https://github.com/hh-hunter/cve-2023-46604 | POC详情 |
| 20 | None | https://github.com/ST3G4N05/ExploitScript-CVE-2023-46604 | POC详情 |
| 21 | ActiveMQ RCE (CVE-2023-46604) 回显利用工具 | https://github.com/Arlenhiack/ActiveMQ-RCE-Exploit | POC详情 |
| 22 | None | https://github.com/ph-hitachi/CVE-2023-46604 | POC详情 |
| 23 | A go-exploit for Apache ActiveMQ CVE-2023-46604 | https://github.com/vulncheck-oss/cve-2023-46604 | POC详情 |
| 24 | activemq-rce-cve-2023-46604 | https://github.com/thinkycx/activemq-rce-cve-2023-46604 | POC详情 |
| 25 | CVE-2023-46604 (Apache ActiveMQ RCE Vulnerability) and focused on getting Indicators of Compromise. | https://github.com/mranv/honeypot.rs | POC详情 |
| 26 | El script explota una vulnerabilidad de deserialización insegura en Apache ActiveMQ (CVE-2023-46604) | https://github.com/pulentoski/CVE-2023-46604 | POC详情 |
| 27 | None | https://github.com/stegano5/ExploitScript-CVE-2023-46604 | POC详情 |
| 28 | None | https://github.com/cuanh2333/CVE-2023-46604 | POC详情 |
| 29 | Repository to exploit CVE-2023-46604 reported for ActiveMQ | https://github.com/tomasmussi-mulesoft/activemq-cve-2023-46604-duplicate | POC详情 |
| 30 | Repository to exploit CVE-2023-46604 reported for ActiveMQ | https://github.com/tomasmussi/activemq-cve-2023-46604 | POC详情 |
| 31 | None | https://github.com/skrkcb2/CVE-2023-46604 | POC详情 |
| 32 | Apache ActiveMQ is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath. Users are recommended to upgrade to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3, which fixes this issue. | https://github.com/projectdiscovery/nuclei-templates/blob/main/javascript/cves/2023/CVE-2023-46604.yaml | POC详情 |
| 33 | None | https://github.com/Threekiii/Awesome-POC/blob/master/%E4%B8%AD%E9%97%B4%E4%BB%B6%E6%BC%8F%E6%B4%9E/Apache%20ActiveMQ%20%E8%BF%9C%E7%A8%8B%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2023-46604.md | POC详情 |
| 34 | None | https://github.com/Threekiii/Awesome-POC/blob/master/%E4%B8%AD%E9%97%B4%E4%BB%B6%E6%BC%8F%E6%B4%9E/Apache%20ActiveMQ%20OpenWire%20%E5%8D%8F%E8%AE%AE%E5%8F%8D%E5%BA%8F%E5%88%97%E5%8C%96%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2023-46604.md | POC详情 |
| 35 | https://github.com/vulhub/vulhub/blob/master/activemq/CVE-2023-46604/README.md | POC详情 | |
| 36 | CVE-2023-46604 | https://github.com/ImuSpirit/ActiveMQ_RCE_Pro_Max | POC详情 |
| 37 | None | https://github.com/CCIEVoice2009/CVE-2023-46604 | POC详情 |
暂无评论