Apache Ofbiz
Monthly
Authenticated code injection in Apache OFBiz versions prior to 24.09.06 allows remote attackers with low-privileged accounts to execute arbitrary code via improperly neutralized directives in dynamically evaluated expressions. The flaw combines CWE-94 code injection with eval injection, yielding full confidentiality, integrity, and availability impact (CVSS 8.8). No public exploit identified at time of analysis, and EPSS rates near-term exploitation at 0.03% (8th percentile), but SSVC flags the issue as automatable, raising the risk of scripted abuse once a POC emerges.
Remote code execution in Apache OFBiz before 24.09.06 stems from an improper authentication flaw in the password-change logic that allows unauthenticated remote attackers to bypass authentication and ultimately execute arbitrary code on the server. The CVSS 9.8 rating reflects network-reachable, no-interaction exploitation against a widely deployed open-source ERP platform, though EPSS sits at only 0.07% and SSVC currently marks exploitation as 'none' - meaning no public exploit identified at time of analysis despite the severe technical impact.
Authenticated code injection in Apache OFBiz versions prior to 24.09.06 allows remote attackers with low-privileged accounts to execute arbitrary code via improperly neutralized directives in dynamically evaluated expressions. The flaw combines CWE-94 code injection with eval injection, yielding full confidentiality, integrity, and availability impact (CVSS 8.8). No public exploit identified at time of analysis, and EPSS rates near-term exploitation at 0.03% (8th percentile), but SSVC flags the issue as automatable, raising the risk of scripted abuse once a POC emerges.
Remote code execution in Apache OFBiz before 24.09.06 stems from an improper authentication flaw in the password-change logic that allows unauthenticated remote attackers to bypass authentication and ultimately execute arbitrary code on the server. The CVSS 9.8 rating reflects network-reachable, no-interaction exploitation against a widely deployed open-source ERP platform, though EPSS sits at only 0.07% and SSVC currently marks exploitation as 'none' - meaning no public exploit identified at time of analysis despite the severe technical impact.