CVSSv3: 8.8

CVE-2023-52251

Published: 25/01/2024 Updated: 21/11/2024

Vulnerability Summary

A remote code execution vulnerability (CVE-2023-52251) exists in Provectus kafka-ui 0.4.0 through 0.7.1, allowing remote attackers to execute arbitrary code via the q parameter of /api/clusters/local/topics/{topic}/messages. This high-severity vulnerability (Check Point Reference: CPAI-2023-1545) could enable an attacker to compromise the affected system. The affected range is versions 0.4.0 through 0.7.1 inclusive. Exploitation of this issue could lead to significant security breaches, necessitating urgent attention and mitigation measures.

Vulnerable Product

provectus ui

Vendor Advisories

Check Point Reference: CPAI-2023-1545; Date Published: 28 Feb 2024; Severity: High ...

Exploits

A command injection vulnerability exists in Kafka UI versions 0.4.0 through 0.7.1 that allows an attacker to inject and execute arbitrary shell commands via the groovy filter parameter at the topic section ...

Github Repositories

CVE-2023-52251: There is a Remote Code Execution vulnerability in provectus/kafka-ui.

CVE-2023-52251-POC: There is a Remote Code Execution vulnerability in provectus/kafka-ui. There is no patch as of writing this, but the vendor is notified by us and the team over at VINCE, without any response. Report was sent Sep 27, 2023 to provectus both via email and GitHub security. Remediation: We suggest commenting out the entire groovy filter function/adding authentication as