CVE-2023-33426 | Apache RocketMQ up to 4.9.5/5.1.0 NameServer/Broker/Controller code injection

Inserito da Angelo Barbosa | Ott 9, 2024 | CVE

A vulnerability was found in Apache RocketMQ up to 4.9.5/5.1.0. It has been declared as critical. This vulnerability affects unknown code of the component NameServer/Broker/Controller. The manipulation leads to code injection.

This vulnerability was named CVE-2023-33426. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-33426 | Apache RocketMQ up to 4.9.5/5.1.0 NameServer/Broker/Controller code injection

Post correlati

CVE-2021-46899 | SyncTrayzor 1.1.29 CEF Remote Debug Local Privilege Escalation (Issue 666)

CVE-2024-5857 | Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor Plugin Media authorization

CVE-2024-37889 | TreyWW MyFinances up to 0.4.5 authorization

CVE-2024-45625 | WPMU Forminator Plugin up to 1.34.0 URL cross site scripting