关联漏洞
标题:Apache OFBiz 安全漏洞 (CVE-2025-26865)Description:Apache OFBiz是美国阿帕奇(Apache)基金会的一套企业资源计划(ERP)系统。该系统提供了一整套基于Java的Web应用程序组件和工具。 Apache OFBiz 18.12.17至18.12.18之前版本存在安全漏洞,该漏洞源于模板引擎中特殊元素中和不当。
Description
CVE-2025-26865: FreeMarker Server-Side Template Injection via the "ecommerce" plugin in Apache OfBiz
介绍
# CVE-2025-26865: FreeMarker Server-Side Template Injection via the "ecommerce" plugin in Apache OfBiz
Due to a regression between 18.12.17 and 18.12.18 the fix for finding [CVE-2022-25813: FreeMarker Server-Side Template Injection in Apache OfBiz](https://github.com/mbadanoiu/CVE-2022-25813) was no longer enforced which reopened the possibility of launching FreeMarker Server-Side Template Injection (SSTI) attacks by leveraging the "ecommerce" plugin.
If the attack is successful, the SSTI may result in Remote Code Execution (RCE).
### Vendor Disclosure:
The vendor's disclosure and fix for this vulnerability can be found [here](https://lists.apache.org/thread/prb48ztk01bflyyjbl6p56wlcc1n5sz7).
### Requirements:
This vulnerability requires:
<br/>
- Registering a new user or valid user credentials
- User interaction of a administrative user
### Proof Of Concept:
As this attack is a exact re-creation of CVE-2022-25813, more details and the exploitation process can be found in this [PDF](https://github.com/mbadanoiu/CVE-2022-25813/blob/main/Apache%20OfBiz%20-%20CVE-2022-25813.pdf).
### Additional Resources:
Original SSTI finding in Apache OfBiz: [CVE-2022-25813: FreeMarker Server-Side Template Injection in Apache OfBiz](https://github.com/mbadanoiu/CVE-2022-25813)
文件快照
[4.0K] /data/pocs/e0d46e7d69578538e40a0e47c7c8974cdeeb0624
└── [1.3K] README.md
0 directories, 1 file
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。