Saturday, January 25, 2025
HomeCVE/vulnerabilityRCE Flaw in Apache OFBiz Allowed An Attackers to Take Over The...

RCE Flaw in Apache OFBiz Allowed An Attackers to Take Over The ERP System

Published on

SIEM as a Service

Follow Us on Google News

The developers at Apache Software Foundation have recently fixed a critical RCE flaw (CVE-2021-26295) in Apache OFBiz. This flaw could allow an unauthenticated attacker to remotely execute and take control of a vulnerable open source Enterprise Resource Planning system (ERP).

Apache OFBiz is a Java-based platform that is designed to automate various corporate processes. OFBiz offers a wide range of functions and here we have mentioned them below:-

  • Accounting
  • Customer relationship management
  • Manufacturing operations management
  • Order management
  • Supply chain control
  • Warehouse management system

CVE-2021-26295 – RCE vulnerability in latest Apache OFBiz

  • Severity: High
  • Vendor: The Apache Software Foundation
  • Versions Affected: OFBiz versions prior to 17.12.06

This RCE flaw affects all the versions of the software prior to 17.12.06, and the security researchers have classified this flaw as high. This flaw allows an unauthorized attacker to use “insecure deserialization” as an attack vector to execute arbitrary code on the server remotely.

In short, a remote attacker can easily change the serialized data simply by injecting the arbitrary code into it, during the deserialization, and as a result, this could lead execution of this code remotely.

Expert’s advice

Cybersecurity analysts have recommended users to immediately update their current system version to the latest version (17.12.06), to avoid being exploited by hackers.

Moreover, the teams of cybersecurity researchers, r00t4dm at Cloud-Penetrating Arrow Lab, MagicZero from SGLAB of Legendsec at Qi’anxin Group, and Longofo at Knownsec 404 have been also credited for reporting this critical RCE security flaw.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Subaru’s STARLINK Connected Car’s Vulnerability Let Attackers Gain Restricted Access

In a groundbreaking discovery on November 20, 2024, cybersecurity researchers Shubham Shah and a...

Android Kiosk Tablets Vulnerability Let Attackers Control AC & Lights

A security flaw found in Android-based kiosk tablets at luxury hotels has exposed a...

CISA Releases Six ICS Advisories Details Security Issues

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued six Industrial Control Systems (ICS)...

Juniper Routers Exploited via Magic Packet Vulnerability to Deploy Custom Backdoor

A sophisticated cyber campaign dubbed "J-magic" has been discovered targeting enterprise-grade Juniper routers with...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

More like this

CISA Releases Six ICS Advisories Details Security Issues

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued six Industrial Control Systems (ICS)...

370+ Ivanti Connect Secure Exploited Using 0-Day Vulnerability

A major cybersecurity incident has come to light, with more than 370 Ivanti Connect...

Zero-Click Outlook RCE Vulnerability (CVE-2025-21298), PoC Released

Microsoft issued a critical patch to address CVE-2025-21298, a zero-click Remote Code Execution (RCE)...