CVE-2023-46604
Arbitrary File Write vulnerability in org.apache.activemq:activemq-client
What is CVE-2023-46604 About?
This vulnerability allows for writing arbitrary files into arbitrary locations on the remote filesystem in the context of the server process. This can lead to severe system compromise, and its exploitability would likely depend on successfully crafting inputs to trigger the file write.
Affected Software
- org.apache.activemq:activemq-client
  - >5.16.0, <5.16.7
  - <5.15.16
  - >5.18.0, <5.18.3
  - >5.17.0, <5.17.6
- org.apache.activemq:activemq-openwire-legacy
  - >5.16.0, <5.16.7
  - >5.8.0, <5.15.16
  - >5.18.0, <5.18.3
  - >5.17.0, <5.17.6
Technical Details
The vulnerability enables an attacker to perform arbitrary file writes to any location on the remote filesystem where the server process has write permissions. This could occur due to flaws in file upload functionalities, improper sanitization of file paths in applications that handle file operations, or vulnerabilities in deserialization processes. By supplying specially crafted input, such as a file with a path traversal sequence (e.g., `../../etc/passwd`) or an absolute path, the attacker can force the application to save a file to an unintended and potentially critical system location. This can overwrite existing system files, create new malicious files (e.g., web shells), or modify application configurations.
What is the Impact of CVE-2023-46604?
Successful exploitation may allow attackers to overwrite critical system files, upload malicious executables, modify application configurations, or achieve remote code execution, leading to full system compromise and data manipulation or destruction.
What is the Exploitability of CVE-2023-46604?
The complexity of exploiting an arbitrary file write vulnerability can vary, but generally requires specific knowledge of the target application's file handling mechanisms. Authentication requirements depend on whether the vulnerable function is accessible before or after authentication; it could be exploited by an unauthenticated or authenticated attacker. The attacker needs to identify an input vector that directly or indirectly controls file paths or content written to the filesystem. This is typically a remote vulnerability. Special conditions might involve specific file upload forms, content management systems, or applications that process untrusted data into files. The likelihood of exploitation increases if file path sanitization is completely absent or easily bypassable, making it a high-risk factor.
What are the Known Public Exploits?
| PoC Author | Link | Commentary |
|---|---|---|
| X1r0z | Link | ActiveMQ RCE (CVE-2023-46604) exploit tool |
| SaumyajeetDas | Link | Achieving a Reverse Shell Exploit for Apache ActiveMQ (CVE_2023-46604) |
| ImuSpirit | Link | CVE-2023-46604 |
What are the Available Fixes for CVE-2023-46604?
Available Upgrade Options
- org.apache.activemq:activemq-client
  - <5.15.16 → Upgrade to 5.15.16
  - >5.16.0, <5.16.7 → Upgrade to 5.16.7
  - >5.17.0, <5.17.6 → Upgrade to 5.17.6
  - >5.18.0, <5.18.3 → Upgrade to 5.18.3
- org.apache.activemq:activemq-openwire-legacy
  - >5.8.0, <5.15.16 → Upgrade to 5.15.16
  - >5.16.0, <5.16.7 → Upgrade to 5.16.7
  - >5.17.0, <5.17.6 → Upgrade to 5.17.6
  - >5.18.0, <5.18.3 → Upgrade to 5.18.3
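The upgrade options above can be checked mechanically against a project's resolved dependencies. The following is an added example, not code from Apache ActiveMQ or from this page's publisher: it scans `mvn dependency:list` style lines and reports the fixed version for each affected artifact. The function names and the sample input are constructed for illustration, and lower bounds are treated as inclusive (an assumption, so that `x.y.0` releases are flagged as well).

```python
import re

# Fixed release per 5.x maintenance line, taken from the upgrade options above.
FIXED = {(5, 15): (5, 15, 16), (5, 16): (5, 16, 7),
         (5, 17): (5, 17, 6), (5, 18): (5, 18, 3)}
# Oldest version the listed ranges reach down to (None = no lower bound listed).
# Assumption: the floor itself is treated as inside the range.
FLOOR = {"activemq-client": None, "activemq-openwire-legacy": (5, 8, 0)}

DEP = re.compile(r"org\.apache\.activemq:(activemq-client|activemq-openwire-legacy)"
                 r":jar:(\d+(?:\.\d+)+)")

def parse(version):
    parts = tuple(int(p) for p in version.split("."))
    return parts + (0,) * (3 - len(parts))  # pad "5.16" to (5, 16, 0)

def upgrade_target(artifact, version):
    """Return the fixed version to move to, or None if no listed range applies."""
    v = parse(version)
    floor = FLOOR[artifact]
    if floor is not None and v < floor:
        return None                      # older than the listed range
    line = v[:2]
    if line < (5, 15):
        line = (5, 15)                   # older lines fall under "<5.15.16"
    fixed = FIXED.get(line)
    if fixed is None or v >= fixed:
        return None                      # unlisted line, or already fixed
    return ".".join(map(str, fixed))

def scan(dependency_lines):
    """Return (artifact, found_version, fixed_version) for each affected line."""
    findings = []
    for line in dependency_lines:
        m = DEP.search(line)
        if m:
            target = upgrade_target(m.group(1), m.group(2))
            if target:
                findings.append((m.group(1), m.group(2), target))
    return findings

# Constructed sample in the format printed by `mvn dependency:list`.
SAMPLE = """\
[INFO]    org.apache.activemq:activemq-client:jar:5.16.3:compile
[INFO]    org.apache.activemq:activemq-openwire-legacy:jar:5.18.3:compile
[INFO]    org.apache.activemq:activemq-client:jar:5.14.5:runtime
[INFO]    org.springframework:spring-jms:jar:5.3.30:compile
""".splitlines()

if __name__ == "__main__":
    for artifact, have, want in scan(SAMPLE):
        print(f"{artifact} {have}: upgrade to {want}")
```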
Additional Resources
- https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt
- https://github.com/apache/activemq/commit/22442b2385b1000312aec3d19e510131d595a5fc
- https://osv.dev/vulnerability/GHSA-crg9-44h2-xw35
- https://github.com/apache/activemq/commit/d0ccdd31544ada83185554c87c7aa141064020f0
- https://github.com/apache/activemq
- http://www.openwall.com/lists/oss-security/2023/10/27/5
- https://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html
- https://github.com/apache/activemq/commit/958330df26cf3d5cdb63905dc2c6882e98781d8f
- https://www.openwall.com/lists/oss-security/2023/10/27/5
What are Similar Vulnerabilities to CVE-2023-46604?
Similar Vulnerabilities: CVE-2022-26134, CVE-2021-36260, CVE-2020-14882, CVE-2019-19781, CVE-2018-7662
