
POC details: 3317ab701f43d246a38fa803b3be9aa449080d76

Source
Related vulnerability
Title: Apache OFBiz security vulnerability (CVE-2025-59118)
Description: Apache OFBiz is an enterprise resource planning (ERP) system from the Apache Software Foundation (US). It provides a complete set of Java-based web application components and tools. Versions of Apache OFBiz before 24.09.03 contain a security vulnerability that stems from allowing the upload of files of dangerous types.
Introduction
# 🚨 **CVE-2025-59118: Critical Apache OFBiz RCE** 🚨  
**Unrestricted File Upload = Full Server Compromise** 💥  

---

## 🔍 **Core Details**  
| **Attribute** | **Value** |
|---------------|-----------|
| **CVE ID** | `CVE-2025-59118` 🔖 |
| **Title** | **Unrestricted Upload of File with Dangerous Type** 📂⚠️ |
| **Severity** | **Critical** 🔥 (no CVSS score is cited; the README estimates 9.0+) |
| **CWE** | [CWE-434](https://cwe.mitre.org/data/definitions/434.html) 🛡️ |
| **Affected** | Apache OFBiz **< 24.09.03** ❌ |
| **Fixed In** | **24.09.03+** ✅ |
| **Published** | **Nov 12, 2025** 📅 |
| **Attack Type** | **Remote Code Execution (RCE)** 💻💣 |
| **Auth Required?** | Yes (low-privilege user) 🔑 |

---

## 🛠️ **How It Works**  
1. **Log in** as any user → `/control/login` 🔐 (the README treats a low-privilege account as sufficient)  
2. **Upload** a `.jsp` or `.groovy` file through the image-management upload path the README names as **ImageManagementServices** 📤 (the README gives no request parameters)  
3. The file is written under **webapp/**, a directory the embedded servlet container serves and compiles JSP from → **executable path** 🌐  
4. **Request the file's URL** → the container executes it → **RCE**: run `whoami`, drop a web shell, or destroy data with `rm -rf` 😈  

> **The README's summary of the pre-fix code path: no type validation and no extension filter, so one upload is enough.**  

---

## ⚡ **Impact**  
| **Risk** | **Level** |
|--------|---------|
| Server Takeover | 🌕🌕🌕🌕🌕 |
| Data Theft | 💳📊 |
| Ransomware | 🔒💰 |
| Lateral Movement | 🌐➡️🏢 |

> **ERP systems = high-value targets** 🏦  

---

## 🛑 **Mitigation Checklist**  
- [ ] **Upgrade to 24.09.03 or later** → [Download](https://ofbiz.apache.org/download.html) ⬇️ (the only real fix; everything below is a stopgap)  
- [ ] **Block dangerous extensions** at the upload layer: `.jsp`, `.jspx`, `.groovy`, `.class` 🚫, and prefer an allowlist of the types the endpoint actually needs, since a denylist misses variants  
- [ ] **Add WAF rules** (ModSecurity, Cloudflare) 🛡️ that inspect the multipart `filename` field, not only the URL  
- [ ] **Monitor uploads** → SIEM alerts on POSTs to the upload endpoint (`/control/upload` in the README) whose filename carries one of the extensions above 📡  
- [ ] **Restrict access** to trusted IPs or a VPN 🌍, because a low-privilege login is all an attacker needs  
- [ ] **Audit users** → disable default and demo accounts, remove stale ones 🔍  
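The "block dangerous extensions" item above is the CWE-434 pattern in miniature, so here is an added example (not OFBiz code, and not from the README's author) that puts the denylist check beside an allowlist check that also verifies the file's leading bytes. The extension sets, the `/control/upload`-style filenames and the sample bytes are assumptions constructed for the example; the point is which names each check accepts.

```python
import re

# Added example (not OFBiz code): an upload-type check in the denylist style the README's
# checklist describes, beside an allowlist check that also verifies magic bytes.
# Extension sets and sample uploads below are assumptions for the example.

DENYLIST = {"jsp", "groovy", "class"}            # what the README's checklist item blocks
IMAGE_ALLOWLIST = {"png", "jpg", "jpeg", "gif"}  # what an image-management upload should accept

# Leading bytes of each allowed format, compared against the uploaded content.
MAGIC = {
    "png": b"\x89PNG\r\n\x1a\n",
    "jpg": b"\xff\xd8\xff",
    "jpeg": b"\xff\xd8\xff",
    "gif": b"GIF8",
}
STEM = re.compile(r"^[A-Za-z0-9_-]{1,64}$")


def denylist_check(filename: str) -> bool:
    """Weak check: accept anything whose last extension is not on the denylist."""
    ext = filename.rsplit(".", 1)[-1] if "." in filename else ""
    return ext not in DENYLIST


def allowlist_check(filename: str, content: bytes) -> tuple[bool, str]:
    """Hardened check: bare basename, exactly one lower-cased extension from the
    allowlist, and content whose leading bytes match that format."""
    if "/" in filename or "\\" in filename:
        return False, "path separators not allowed"
    parts = filename.split(".")
    if len(parts) != 2:
        return False, "exactly one extension required"
    stem, ext = parts[0], parts[1].lower()
    if not STEM.fullmatch(stem):
        return False, "stem has disallowed characters"
    if ext not in IMAGE_ALLOWLIST:
        return False, f"extension .{ext} not in allowlist"
    if not content.startswith(MAGIC[ext]):
        return False, "content does not match declared type"
    return True, "ok"


# Constructed sample uploads: a PNG header with padding, and a JSP-looking payload.
PNG_SAMPLE = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
JSP_SAMPLE = b'<%@ page import="java.io.*" %><% /* constructed marker */ %>'

CASES = [
    ("logo.png", PNG_SAMPLE),            # a legitimate image
    ("shell.jsp", JSP_SAMPLE),           # the obvious case both checks catch
    ("shell.JSP", JSP_SAMPLE),           # case variant slips past a case-sensitive denylist
    ("shell.jspx", JSP_SAMPLE),          # Tomcat maps *.jspx to the JSP servlet by default
    ("../../webapp/x.png", PNG_SAMPLE),  # path traversal in the name
    ("photo.png", JSP_SAMPLE),           # allowed extension, wrong content
]


def compare(cases=CASES) -> dict[str, tuple[bool, bool]]:
    """Return {filename: (denylist_accepts, allowlist_accepts)} for each case."""
    return {name: (denylist_check(name), allowlist_check(name, data)[0]) for name, data in cases}


if __name__ == "__main__":
    for name, (weak, strong) in compare().items():
        print(f"{name:22} denylist={'ACCEPT' if weak else 'reject':6} "
              f"allowlist={'ACCEPT' if strong else 'reject'}")
```

The denylist passes four of the six constructed names; the allowlist passes only the genuine PNG. Whichever check is used, the stored file should also land outside any directory the servlet container serves, so that a bad name never becomes an executable path.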

---

## 🔗 **Official References**  
- [Apache Security Advisory](https://ofbiz.apache.org/security.html) 📜  
- [Release Notes 24.09.03](https://ofbiz.apache.org/release-notes-24.09.03.html) 📝  
- [JIRA: OFBIZ-13292](https://issues.apache.org/jira/browse/OFBIZ-13292) 🐞  
- [NVD Entry](https://nvd.nist.gov/vuln/detail/CVE-2025-59118) 📋  
- [OSS-Security Thread](http://www.openwall.com/lists/oss-security/2025/11/11/1) ✉️  

---

## 🌐 **Exposed Instances (Live Scan Data)**  
Search-engine hit counts quoted by the README; they count hosts fingerprinted as OFBiz, not hosts confirmed vulnerable.  
| **Scanner** | **Results** | **Query** |
|-----------|------------|----------|
| **ZoomEye** | **844** | `app="Apache OFBiz"` |
| **Hunter** | **1,200+** | `product.name="OFBiz"` |
| **FOFA** | **1,600+** | `app="Apache_OFBiz"` |

> **Patch now. Scan now. Sleep later.** 😴  

---

## 🐦 **X (Twitter) Buzz**  
| **User** | **Post** | **Time** |
|--------|--------|--------|
| `@zoomeye_team` | "🚨 CVE-2025-59118 + XSS → 844 exposed OFBiz hosts!" | Nov 13 |
| `@HunterMapping` | "1.2K+ live targets. Patch or perish." | Nov 13 |
| `@fofabot` | "1.6K results on FOFA. RCE via upload." | Nov 12 |
| `@CVEnew` | "Official: Upgrade to 24.09.03" | Nov 12 |

---

## 🎯 **Detection Rules**  
```yaml
# Sigma rule. The README labelled this a Nuclei template, but Nuclei is an active
# scanner and cannot alert on inbound requests; a log-side Sigma rule matches the intent.
# Field names follow the Sigma "webserver" logsource. Access logs do not carry
# multipart bodies, so this only fires when the filename is visible in the request line.
title: Apache OFBiz upload request naming a server-executable file (possible CVE-2025-59118)
status: experimental
description: POST to the OFBiz upload endpoint whose request line carries a .jsp/.jspx/.groovy/.class filename
references:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-59118
logsource:
  category: webserver
detection:
  selection:
    cs-method: POST
    cs-uri-stem|contains: '/control/upload'
  exec_ext:
    cs-uri-query|contains:
      - '.jsp'
      - '.groovy'
      - '.class'
  condition: selection and exec_ext
falsepositives:
  - Administrators legitimately uploading such files (rare on an ERP image endpoint)
level: high
```

```bash
# Log grep: OFBiz writes its own log to runtime/logs/ofbiz.log; the embedded
# Tomcat access log is the better place to see request lines. -i catches case variants.
grep -i "upload" runtime/logs/ofbiz.log | grep -iE '\.jspx?|\.groovy|\.class'
```
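The grep above finds single lines; what an analyst actually wants is the sequence "upload of an executable name, then a request for that name from the same client". Here is an added example (not from the README or the OFBiz project) that carries the detection rules through over access-log lines in combined format. The log lines, client IPs and the `/images/shell.jsp` path are constructed for the example; the `/control/upload` endpoint is the one the README names, and the filename is assumed to appear in the query string, since access logs never contain the multipart body.

```python
import re
from urllib.parse import urlsplit

# Added example (not OFBiz code): the README's grep idea as a small detector over
# access-log lines. Log lines, IPs and paths below are constructed for the example.

CLF = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
# Server-executable extensions, matched as a whole extension ("x.jsp", not "x.json").
EXEC_EXT = re.compile(r"\.(jspx?|groovy|class)(?=$|[?&/])", re.IGNORECASE)
UPLOAD_PATH = "/control/upload"  # endpoint the README names

SAMPLE_LOG = """\
10.0.0.5 - - [12/Nov/2025:10:01:02 +0000] "GET /control/login HTTP/1.1" 200 2048 "-" "curl/8.4.0"
10.0.0.5 - - [12/Nov/2025:10:01:05 +0000] "POST /control/upload?fileName=shell.jsp HTTP/1.1" 200 512 "-" "curl/8.4.0"
10.0.0.9 - - [12/Nov/2025:10:01:40 +0000] "POST /control/upload?fileName=logo.png HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.5 - - [12/Nov/2025:10:01:58 +0000] "GET /images/shell.jsp?cmd=id HTTP/1.1" 200 73 "-" "curl/8.4.0"
10.0.0.9 - - [12/Nov/2025:10:02:10 +0000] "GET /control/main HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
""".splitlines()


def parse(line: str):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = CLF.match(line)
    return m.groupdict() if m else None


def classify(rec: dict):
    """Tag one request, or return None when nothing is suspicious."""
    target = rec["target"]
    path = urlsplit(target).path
    if rec["method"] == "POST" and path.startswith(UPLOAD_PATH) and EXEC_EXT.search(target):
        return "upload_exec_ext"  # upload request naming a server-executable file
    if EXEC_EXT.search(path):
        return "exec_request"     # request for such a file; OFBiz routes via /control/, so rare
    return None


def scan(lines=SAMPLE_LOG) -> list:
    """Return findings in log order. An upload hit followed by a request for an
    executable file from the same client is escalated to probable_webshell."""
    findings = []
    uploaded_from = set()
    for rec in filter(None, map(parse, lines)):
        tag = classify(rec)
        if not tag:
            continue
        findings.append({"ip": rec["ip"], "ts": rec["ts"], "rule": tag, "target": rec["target"]})
        if tag == "upload_exec_ext":
            uploaded_from.add(rec["ip"])
        elif tag == "exec_request" and rec["ip"] in uploaded_from:
            findings.append({"ip": rec["ip"], "ts": rec["ts"],
                             "rule": "probable_webshell", "target": rec["target"]})
    return findings


if __name__ == "__main__":
    for f in scan():
        print(f"{f['ts']}  {f['ip']:10} {f['rule']:18} {f['target']}")
```

On the constructed sample the benign PNG upload and the normal `/control/` traffic from the second client produce nothing, while the first client yields the upload hit, the follow-up request, and the correlated `probable_webshell` finding. To catch filenames that only appear in the multipart body, feed the same logic reverse-proxy or WAF logs that record the `filename` field instead of the servlet access log.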

---

## ✅ **Final Verdict**  
> **"If you're running OFBiz < 24.09.03, you're one upload away from a breach."**  

**Act now. Patch fast. Stay safe.** 🔐✨
File snapshot

[4.0K] /data/pocs/3317ab701f43d246a38fa803b3be9aa449080d76
└── [3.3K] README.md
1 directory, 1 file