CVE-2023-52251

Published: 25/01/2024 | Updated: 29/02/2024
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 0

Vulnerability Summary

An issue discovered in provectus kafka-ui 0.4.0 up to and including 0.7.1 allows remote attackers to execute arbitrary code via the q parameter of /api/clusters/local/topics/{topic}/messages.

Vulnerable Product

provectus ui

Vendor Advisories

Check Point Reference: CPAI-2023-1545 | Date Published: 28 Feb 2024 | Severity: High ...

Exploits

A command injection vulnerability exists in Kafka UI versions 0.4.0 through 0.7.1 that allows an attacker to inject and execute arbitrary shell commands via the groovy filter parameter at the topic section ...

Github Repositories

CVE-2023-52251: There is a Remote Code Execution vulnerability in provectus/kafka-ui.

CVE-2023-52251-POC: There is a Remote Code Execution vulnerability in provectus/kafka-ui. There is no patch as of writing this, but the vendor was notified by us and the team over at VINCE, without any response. The report was sent on Sep 27, 2023 to provectus, both via email and GitHub Security. Remediation: We suggest commenting out the entire groovy filter function / adding authentication as