CVE-2016-3088

Published: 01/06/2016 Updated: 07/11/2023
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 762
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

The Fileserver web application in Apache ActiveMQ 5.x prior to 5.14.0 allows remote malicious users to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request.

Vulnerable Product

apache activemq

Vendor Advisories

The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request ...

Exploits

The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request ...

I have recently been playing with Apache ActiveMQ, and came across a simple but interesting directory traversal flaw in the fileserver upload/download functionality. I have only been able to reproduce this on Windows, i.e. where "\" is a path delimiter. An attacker could use this flaw to upload arbitrary files to the server, including a JSP shell ...

    ##
    # This module requires Metasploit: metasploit.com/download
    # Current source: github.com/rapid7/metasploit-framework
    ##
    class MetasploitModule < Msf::Exploit::Remote
      Rank = ExcellentRanking
      include Msf::Exploit::Remote::HttpClient
      include Msf::Exploit::FileDropper
      def initialize(info = {})
        super(update_info(info, ...

Github Repositories

ActiveMQ_putshell: obtain a webshell directly

ActiveMQ_putshell-CVE-2016-3088- ActiveMQ_putshell: obtain a webshell directly. #Usage: python3 ActiveMQ_putshell.py -u url

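ActiveMQ vulnerability detection and exploitation tool, covering the ActiveMQ default-credentials vulnerability and the ActiveMQ arbitrary file write vulnerability (CVE-2016-3088), with support for batch detection and exploitation.

ActiveMQ_Crack. Overview: ActiveMQ vulnerability detection and exploitation tool, covering the ActiveMQ default-credentials vulnerability and the ActiveMQ arbitrary file write vulnerability (CVE-2016-3088), with support for batch detection and exploitation. Usage: Batch detection: write the URLs to check into a file, one per line; -TF specifies the file and -t the concurrency. Single-target detection: -T xxxx. Execution result: Yutu Security (玉兔安全) is dedicated to web security, red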

Broker_Writeup: Start with nmap; we found that we have 2 open ports, 1883 for the MQTT service and 8161 HTTP for ActiveMQ. Manually check the HTTP; we got auth required for the admin dir. Search for default creds for ActiveMQ. You can find an interesting topic called "secret_chat". Use an MQTT client to subscribe to "secret_chat" and see the queued message.

Apache ActiveMQ PUT RCE Scan

#Apache ActiveMQ PUT RCE one-click getshell. usage: python3 CVE-2016-3088.py -u tartget.com/

CVE-2016-3088 - Remote Code Execution in Apache ActiveMQ

Apache ActiveMQ Remote Code Execution Exploit

CVE-2016-3088 Apache ActiveMQ Remote Code Execution Exploit. Description: The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request. Author: Alexandre Aguiar (@cyberaguiar). Exploit analysis: Analysis of Apache ActiveMQ Remote Code Execution Vulnerability (CVE-