2023-10-26 21:21:56 +08:00
|
|
|
## Apache ActiveMQ远程命令执行漏洞
|
|
|
|
|
|
|
|
|
|
## 影响版本
|
|
|
|
|
```
|
|
|
|
|
Apache ActiveMQ < 5.18.3
|
|
|
|
|
Apache ActiveMQ < 5.17.6
|
|
|
|
|
```
|
2023-10-28 13:47:02 +08:00
|
|
|
## fofa
|
|
|
|
|
```
|
|
|
|
|
app="APACHE-ActiveMQ" && port="61616"
|
|
|
|
|
```
|
2023-10-26 21:21:56 +08:00
|
|
|
## 漏洞脚本
|
|
|
|
|
```
|
|
|
|
|
https://github.com/Fw-fW-fw/activemq_Throwable
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
## 漏洞分析
|
|
|
|
|
```
|
|
|
|
|
https://paper.seebug.org/3058/
|
|
|
|
|
https://mp.weixin.qq.com/s/4n7vyeXLtim0tXcjnSWDAw
|
|
|
|
|
```
|
