all InfoSec news
Apache ActiveMQ Jolokia Remote Code Execution Vulnerability (CVE-2022-41678) Notification
Security Boulevard securityboulevard.com
Overview Recently, NSFOCUS CERT found a remote code execution vulnerability in Apache ActiveMQ Jolokia (CVE-2022-41678). In the configuration of ActiveMQ, jetty allows org.holokia.http.AgentServlet to process requests for/api/Jolokia. An authenticated attacker can send a specially crafted HTTP request to write a malicious file through the Jolokia service, thus implementing remote code execution. At present, the vulnerability […]
The post Apache ActiveMQ Jolokia Remote Code Execution Vulnerability (CVE-2022-41678) Notification appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects …
activemq apache apache activemq api application security attacker blog cert code code execution configuration cve emergency-response file found http malicious notification nsfocus org process remote code remote code execution request requests send service vulnerability