Apache RocketMQ Remote Code Execution Vulnerability (CVS 2023-33246)
June 1, 2023
Overview Recently, NSFOCUS CERT found that the PoC of Apache RocketMQ remote code execution vulnerability (CVE-2023-33246) was publicly disclosed online. Due to the lack of appropriate permission verification in some components such as NameServer, Broker, and Controller of RocketMQ, they were unintentionally exposed to the external network. In specific circumstances, attackers can execute commands or […]
