Hackers target Apache RocketMQ servers vulnerable to RCE attacks


Every day, hundreds of IP addresses that scan for or try to attack Apache RocketMQ services vulnerable to remote command execution flaws CVE-2023-33246 and CVE-2023-37582 are discovered by security experts.

Both vulnerabilities pertain to an issue that persisted after the vendor’s original fix in May 2023 and have a critical severity ranking. The security flaw initially affected several components, including NameServer, Broker, and Controller, and was tagged as CVE-2023-33246. An incomplete remedy for the NameServer component of RocketMQ was issued by Apache, and it was still applicable to versions 5.1 and lower of the distributed messaging and streaming platform.

Read More…