CVE-2023-33246 PoC — Apache RocketMQ: Possible remote code execution vulnerability when using the update configuration function

Source

https://github.com/SuperZero/CVE-2023-33246

Associated Vulnerability

Title:Apache RocketMQ: Possible remote code execution vulnerability when using the update configuration function (CVE-2023-33246)
Description:For RocketMQ versions 5.1.0 and below, under certain conditions, there is a risk of remote command execution. Several components of RocketMQ, including NameServer, Broker, and Controller, are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function to execute commands as the system users that RocketMQ is running as. Additionally, an attacker can achieve the same effect by forging the RocketMQ protocol content. To prevent these attacks, users are recommended to upgrade to version 5.1.1 or above for using RocketMQ 5.x or 4.9.6 or above for using RocketMQ 4.x .

Description

Apache RocketMQ 远程代码执行漏洞(CVE-2023-33246) Exploit

Readme

# CVE-2023-33246
Apache RocketMQ 远程代码执行漏洞(CVE-2023-33246) Exploit

# 使用方法: 
java -jar CVE-2023-33246.jar -ip "127.0.0.1" -cmd "open -a calculator"

![image](https://github.com/Le1a/CVE-2023-33246/assets/97610822/dc60f6a0-7b39-411c-8908-1245e81e70df)


# 免责声明: 
检测工具仅供各大安全公司的安全测试员安全测试使用。未经允许请勿对任何外部计算机系统进行入侵攻击，不得用于任何非授权形式的安全测试。仅提供技术交流，不对工具造成任何理论上的或实际上的损失承担责任。

File Snapshot


 [4.0K]  /data/pocs/8ced89d377ce5192aecc78c99ef64f570c0edbe6
├── [ 10M]  CVE-2023-33246.jar
└── [ 585]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!