A remote code execution vulnerability (CVE-2023-52251) exists in Provectus kafka-ui 0.4.0 through 0.7.1, allowing remote attackers to execute arbitrary code via the q parameter of /api/clusters/local/topics/{topic}/messages. This high-severity vulnerability (Check Point Reference: CPAI-2023-1545) could enable an attacker to compromise the affected system. The vulnerability affects versions 0.4.0 and later, as well as 0.7.1 and prior. Exploitation of this issue could lead to significant security breaches, necessitating urgent attention and mitigation measures.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
provectus ui |