Apache ActiveMQ servers vulnerable to RCE attacks exposed online


The vulnerability in question is CVE-2023-46604, a critical severity (CVSS v3 score: 10.0) RCE that, by taking advantage of the serialized class types in the OpenWire protocol, enables attackers to execute arbitrary shell commands. 7,249 servers that were reachable using ActiveMQ services were discovered by researchers from the threat monitoring service ShadowServer.

3,329 of them were discovered to be running an ActiveMQ version that was susceptible to CVE-2023-46604, making all of these servers open to remote code execution.x000D 1,400 of the most susceptible cases are found in China. With 530 open servers, the United States ranks second, Germany is third with 153, while the Netherlands, India, Russia, France, and South Korea each have 100 exposed servers.

Read More…