漏洞描述
Apache ActiveMQ RCE
Fofa:
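# Version-based detection template for CVE-2023-46604 (Apache ActiveMQ).
# It only reads the banner the service returns on the OpenWire port and
# compares the advertised version against the fixed releases; treat a hit as
# a lead to confirm against the installed package, since a banner cannot show
# vendor-backported patches or compensating controls.
id: CVE-2023-46604

info:
  name: Apache ActiveMQ RCE
  author: zan8in
  severity: critical
  verified: true
  description: |-
    Apache ActiveMQ RCE
    Fofa:
  reference:
    - https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt
    - https://github.com/Arlenhiack/ActiveMQ-RCE-Exploit
  tags: activemq,rce
  created: 2023/11/25

# Only `host` is referenced by the rules below; `hostname` and `port` are
# defined but unused in this template.
set:
  hostname: request.url.host
  host: request.url.domain
  port: request.url.port

rules:
  # r0: fingerprint the service and capture the advertised version.
  # The port is fixed at 61616, so brokers listening on another port are
  # not checked by this template.
  r0:
    request:
      type: tcp
      host: "{{host}}:61616"
      data: "\n"
      read-size: 1024
    expression: response.raw.ibcontains(b'ActiveMQ')
    extractors:
      - type: regex
        extractor:
          # Captures an x.y.z version following "ProviderVersion" in the raw
          # response. NOTE(review): `.+` is greedy, so if more than one
          # version-like string follows, the last one is captured - confirm
          # against real banners.
          ext1: '"ProviderVersion.+(?P<version>[0-9]\\.[0-9]{1,2}\\.[0-9]{1,2})".bsubmatch(response.raw)'
          version: ext1["version"]
  # r1: compare the captured version with the affected ranges.
  # The advisory listed under `reference` gives the affected ranges as
  # "5.18.0 before 5.18.3", "5.17.0 before 5.17.6", "5.16.0 before 5.16.7"
  # and "before 5.15.16", so each lower bound is inclusive. A strict ">"
  # comparison would report 5.16.0, 5.17.0 and 5.18.0 as not affected
  # (a false negative); the lower bound is therefore written as
  # "not less than".
  r1:
    request:
      type: tcp
      host: "{{host}}:61616"
      data: "\n"
      read-size: 1024
    expression: |
      versionCompare(string(version),"<","5.15.16") ||
      (!versionCompare(string(version),"<","5.16.0") && versionCompare(string(version),"<","5.16.7")) ||
      (!versionCompare(string(version),"<","5.17.0") && versionCompare(string(version),"<","5.17.6")) ||
      (!versionCompare(string(version),"<","5.18.0") && versionCompare(string(version),"<","5.18.3"))
expression: r0() && r1()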