-
# Apache OFBiz Authentication Bypass(CVE-2024-38856)
写在前面 自去年CVE-2023-51467爆出后,起初我是不太想再看这个系统了,但年初连续的三个权限绕过相关的CVE编号(CVE-2024-25065/CVE-2024-32113/CVE-2024-36104)又让我产生了好奇,随着对三个历史漏洞分析的过程中,我也发现这三个漏洞的…
-
Hi there.
I would like to start implementing a plugin to detect Apache Ofbiz Authentication Bypass Leads to RCE (CVE-2023-51467). This vulnerability was published in 26/Dec/2023.
Reference:
htt…
-
## Summary
https://blog.sonicwall.com/en-us/2023/12/sonicwall-discovers-critical-apache-ofbiz-zero-day-authbiz/
https://thehackernews.com/2023/12/critical-zero-day-in-apache-ofbiz-erp.html
h…
-
A new zero-day security flaw has been discovered in the Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system that could be exploited to bypass authentication protections.
The vulne…