CVE-2024-32113 - Apache OFBiz Path Traversal Vulnerability

Vulnerability Name

Apache OFBiz Path Traversal Vulnerability

Description

Apache OFBiz contains a path traversal vulnerability that could allow for remote code execution.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://lists.apache.org/thread/w6s60okgkxp2th1sr8vx0ndmgk68fqrd

https://nvd.nist.gov/vuln/detail/CVE-2024-32113

Related News Articles

Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195)September 6, 2024

Apache OFBiz Update Fixes High-Severity Flaw Leading to Remote Code ExecutionSeptember 6, 2024

Apache fixes critical OFBiz remote code execution vulnerabilitySeptember 6, 2024

CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation ReportsAugust 28, 2024

CISA warns about actively exploited Apache OFBiz RCE flawAugust 9, 2024