RCE possible with critical Apache OFBiz zero-day

Threat actors could leverage a new critical zero-day vulnerability impacting the open-source enterprise resource planning system Apache OFBiz, tracked as CVE-2024-38856, to facilitate remote code execution, according to The Hacker News.

The security issue is a bypass of the patch for an already addressed path traversal flaw, tracked as CVE-2024-36104, and stems from a weakness in the authentication mechanism that enables unauthenticated access to critical endpoints, according to an analysis from SonicWall, which identified and reported the bug. "Unauthenticated access was allowed to the ProgramExport endpoint by chaining it with any other endpoints that do not require authentication by abusing the override view functionality," said SonicWall researcher Hasib Vhora. Attackers had previously exploited another critical OFBiz path traversal flaw, tracked as CVE-2024-32113, to deliver the Mirai botnet. Both developments come months after SonicWall reported a critical OFBiz bug, tracked as CVE-2023-51467, which has since been subjected to widespread exploitation attempts.
