March 12, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – PatchWork APT Threat Actor Group – Active IOCs
December 5, 2023Rewterz Threat Update – More than 20,000 Microsoft Exchange Servers are Exposed and Vulnerable
December 5, 2023Rewterz Threat Alert – PatchWork APT Threat Actor Group – Active IOCs
December 5, 2023Rewterz Threat Update – More than 20,000 Microsoft Exchange Servers are Exposed and Vulnerable
December 5, 2023
Severity
High
Analysis Summary
CVE-2023-49070
Apache Ofbiz could allow a remote attacker to execute arbitrary code on the system, caused by an no longer maintained XML-RPC. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2023-49070
Affected Vendors
Apache
Affected Products
- Apache Ofbiz 18.12.09
Remediation
Upgrade to the latest version of Apache Ofbiz, available from the Apache Website.