Pre-auth RCE in Apache Ofbiz 18.12.09. It’s due to XML-RPC no longer maintained still present. This issue affects Apache OFBiz: before 18.12.10.
View the template here CVE-2023-49070.yaml
Lab | Machine | Link |
---|---|---|
Hack The Box | Bizness | Go to Practice |
References:
https://twitter.com/Siebene7/status/1731870759130427726