A vulnerability was found in Apache RocketMQ up to 4.9.5/5.1.0. It has been declared as critical. This vulnerability affects unknown code of the component NameServer/Broker/Controller. The manipulation leads to code injection.
This vulnerability was named CVE-2023-33426. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.