CVE-2023-46604CISA KEV: Actively Exploited

Apache ActiveMQ Deserialization of Untrusted Data Vulnerability

Published Nov 2, 2023·Updated Nov 2, 2023

Description

Apache ActiveMQ contains a deserialization of untrusted data vulnerability that may allow a remote attacker with network access to a broker to run shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath.

Public Exploits & PoCs31 found

PoC: ActiveMQ-RCE

ActiveMQ RCE (CVE-2023-46604) 漏洞利用工具, 基于 Go 语言

68

PoC: ActiveMQ-RCE

CVE-2023-46604

19

PoC: ActiveMQ_RCE_Pro_Max

CVE-2023-46604

5

PoC: CVE-2023-46604

CVE-2023-46604 ActiveMQ RCE vulnerability verification/exploitation tool

2

PoC: SSP-Assignment-3-RCEYouLater

A PoC for CVE-2023-46604 written as part of SPS class for the Advanced Cyber Security master's at UPB.

1

PoC: CVE-2023-46604

El script explota una vulnerabilidad de deserialización insegura en Apache ActiveMQ (CVE-2023-46604)

1

PoC: ActiveMQ-RCE-Exploit

ActiveMQ RCE (CVE-2023-46604) 回显利用工具

1

PoC: CVE-2023-46604

Exploit for CVE-2023-46604

1

PoC: CVE-2023-46604-RCE

CVE-2023-46604-RCE exploit with Linux reverse shell payload

PoC: activemq-ids-ips-lab

IDS/IPS lab for detecting and preventing Apache ActiveMQ RCE (CVE-2023-46604) using GVM, Nmap, Snort, iptables, and UFW.

PoC: CVE-2023-46604

Exploitation of CVE-2023-44604. Using a Kali Linux VM (attacker) and a Debian 11 server VM (victim)

PoC: intel471-threat-hunting-cve-2023-46604

My first hands-on Intel 471 threat hunting workshop experience investigating CVE-2023-46604 using Elastic SIEM, vulnerability intelligence, and post-exploitation detection.

PoC: activemq-lockbit-analysis

Apache ActiveMQ (CVE-2023-46604) zafiyetinden LockBit ransomware aşamasına uzanan 419 saatlik sızma vakasının uçtan uca analizi, SIEM korelasyon kuralları ve IOC listesi.

PoC: activemq-cve-playground

CVE-2023-46604 investigation

PoC: CVE-2023-46604-Analysis

Apache ActiveMQ OpenWire 역직렬화 RCE 취약점 기술 분석

PoC: CVE-2023-46604-LAB

Detection, Exploit and Mitigation for CVE 2023 46604.

PoC: Project-Vuln-Detection-N-Mitigation_101

Vulnerability Detection and Mitigation Apache ActiveMQ | Security Architectures and Systems Administration - on - Apache ActiveMQ Deserialization Remote Code Execution (RCE) – CVE-2023-46604

PoC: honeypot.rs

CVE-2023-46604 (Apache ActiveMQ RCE Vulnerability) and focused on getting Indicators of Compromise.

PoC: activemq-rce-cve-2023-46604

activemq-rce-cve-2023-46604

PoC: cve-2023-46604

A go-exploit for Apache ActiveMQ CVE-2023-46604

PoC: activemq-cve-2023-46604

Repository to exploit CVE-2023-46604 reported for ActiveMQ

PoC: Broker_ApacheMQ

CVE-2023-46604 - ApacheMQ Version 5.15.5 Vulnerability Machine: Broker

PoC: activemq-cve-2023-46604

Repository to exploit CVE-2023-46604 reported for ActiveMQ

PoC: ActiveMQ_RCE_Pro_Max

CVE-2023-46604

PoC: ActiveMQ_CVE-2023-46604

PY

PoC: CVE-2023-46604_ActiveMQ_RCE_Recurrence

CVE-2023-46604环境复现包

PoC: CVE-2023-46604-POC

POC repo for CVE-2023-46604

PoC: CVE-2023-46604_ActiveMQ_RCE_Recurrence

CVE-2023-46604环境复现包

PoC: CVE-2023-46604-ActiveMQ-RCE-pseudoshell

This script leverages CVE-2023046604 (Apache ActiveMQ) to generate a pseudo shell. The vulnerability allows for remote code execution due to unsafe deserialization within the OpenWire protocol.

PoC: CVE-2023-46604-Apache-ActiveMQ-RCE-exp

CVE-2023-46604 Apache ActiveMQ RCE exp 基于python

PoC: CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ

Achieving a Reverse Shell Exploit for Apache ActiveMQ (CVE_2023-46604)

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free