New PoC Exploit for Apache OFBiz Vulnerability Poses Risk to ERP Systems

Cybersecurity researchers have created proof-of-concept (PoC) code that runs a memory-resident payload by exploiting a recently discovered severe vulnerability in the open-source Apache OFBiz Enterprise Resource Planning (ERP) system.

This vulnerability, identified as CVE-2023-51467 (CVSS score: 9.8), is a bypass for another serious flaw in the same software, identified as CVE-2023-49070 (also rated 9.8), which could be weaponized to get around authentication and remotely run arbitrary code.

Although the vulnerability was addressed in Apache OFBiz version 18.12.11, the most recent release, threat actors have been seen trying to exploit it against susceptible systems. According to VulnCheck’s most recent discoveries...
