CVERadar

CVE-2024-32113

Severity: Critical
Vendor: Apache
SVRS: 87/100
CVSSv3: 9.8/10
EPSS: 0.93446/1

CVE-2024-32113 is a critical path traversal vulnerability in Apache OFBiz, allowing unauthorized access to restricted directories. Upgrade to version 18.12.13 immediately to mitigate this risk. The Apache OFBiz vulnerability, identified as CVE-2024-32113, enables attackers to bypass security restrictions and access sensitive files or execute arbitrary code. Given its high CVSS score of 9.8 and a SOCRadar Vulnerability Risk Score (SVRS) of 87, this vulnerability is considered critical and requires immediate attention. An SVRS of 87 indicates that this CVE is associated with active exploits in the wild and poses a significant threat. Organizations using affected versions of Apache OFBiz must prioritize patching to prevent potential data breaches and system compromise. With active exploits available, the risk is amplified, making prompt mitigation essential.

Tags: In The Wild, Exploit Available, CISA KEV, Related, Mitigation, Issue-tracking, Vendor-advisory
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Published: 2024-05-08
Last updated: 2025-03-10
SOCRadar AI Insight

Description

CVE-2024-32113 is a Path Traversal vulnerability in Apache OFBiz, allowing attackers to access files and directories outside the intended root directory. This vulnerability has a CVSS score of 0, indicating a low severity. However, SOCRadar's SVRS assigns it a score of 46, indicating a moderate risk.

Key Insights

  • Exploitation in the Wild: This vulnerability is actively exploited by hackers, making it critical to address promptly.
  • CISA Warning: The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about this vulnerability, urging organizations to take immediate action.
  • Threat Actors: Specific threat actors or groups actively exploiting this vulnerability have not been identified.
  • Impact: Successful exploitation could allow attackers to access sensitive data, modify files, or execute arbitrary code on the affected system.

Mitigation Strategies

  • Upgrade to the Latest Version: Upgrade Apache OFBiz to version 18.12.13 or later, which addresses this vulnerability.
  • Restrict Access to Sensitive Directories: Implement access controls to limit access to sensitive directories and files.
  • Use a Web Application Firewall (WAF): Deploy a WAF to block malicious requests that attempt to exploit this vulnerability.
  • Monitor for Suspicious Activity: Regularly monitor logs and security alerts for any suspicious activity that may indicate exploitation attempts.

Additional Information

If you have any further questions regarding this incident, you can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information.

Indicators of Compromise

No IOCs found for this CVE

Exploits

Title | Software Link | Date
RacerZ-fighting/CVE-2024-32113-POC | https://github.com/RacerZ-fighting/CVE-2024-32113-POC | 2024-04-10
MikeyPPPPPPPP/CVE-2024-32113 | https://github.com/MikeyPPPPPPPP/CVE-2024-32113 | 2024-12-24
Mr-xn/CVE-2024-32113 | https://github.com/Mr-xn/CVE-2024-32113 | 2024-06-03
Apache OFBiz Path Traversal Vulnerability | https://www.cisa.gov/search?g=CVE-2024-32113 | 2024-08-07

News

CISA warns about actively exploited Apache OFBiz RCE flaw - BleepingComputer (2024-08-08)
The U.S. Cybersecurity & Infrastructure Security Agency is warning of two vulnerabilities exploited in attacks, including a path traversal impacting Apache OFBiz. Apache OFBiz (Open For Business) is a popular open-source enterprise resource planning (ERP) system that provides a suite of business applications to manage various aspects of an organization. Due to its versatility and cost-effectiveness, it's used in a wide range of industries and business sizes. The flaw added to CISA's Known Exploited Vulnerability Catalog (KEV) is CVE-2024-32113, a path traversal vulnerability

Second Apache OFBiz Vulnerability Exploited in Attacks - SecurityWeek (2024-08-28)
The US cybersecurity agency CISA on Tuesday added a second Apache OFBiz flaw to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, tracked as CVE-2024-38856, has been described as an incorrect authorization issue that can allow unauthenticated endpoints to execute screen rendering code under certain conditions. Apache OFBiz versions through 18.12.14 are impacted, and version 18.12.15 includes a fix. SonicWall, whose researchers discovered the vulnerability, described it as a critical issue that can allow unauthenticated remote code execution. Proof-of-concept (PoC) exploits targeting CVE-2024-38856 started

CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports - The Hacker News (2024-08-28)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw affecting the Apache OFBiz open-source enterprise resource planning (ERP) system to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, known as CVE-2024-38856, carries a CVSS score of 9.8, indicating critical severity. "Apache OFBiz contains an incorrect authorization vulnerability that could allow remote code execution via a Groovy payload in the context of the OFBiz user process by an unauthenticated

Must Read - Security Affairs (2023-08-27)
A British national has been charged for his execution of a hack-to-trade scheme. The Department of Justice charged a British national for hacking into the systems of five U.S. organizations. The Department of Justice charged the British national Robert Westbrook (39) for hacking into the systems of five U.S. companies. Westbrook was arrested in the United Kingdom this week and is awaiting extradition to the United States. "Robert […] Critical NVIDIA Container Toolkit flaw could allow access to the underlying host. A critical vulnerability in the NVIDIA Container Toolkit could allow a container

Must Read - Security Affairs (2023-08-27)
Israel army hacked the communication network of the Beirut Airport control tower. Israel allegedly hacked Beirut airport's control tower, warning an Iranian plane not to land, forcing it to return to Tehran. The Israeli cyber army on Saturday hacked into the control tower of Beirut Airport, the Rafic Hariri International Airport. The IDF breached the communication network of the control tower and threatened an Iranian civilian […] SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 13. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs

Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195) - Help Net Security (2024-09-06)
For the fourth time in the last five months, Apache OFBiz users have been advised to upgrade their installations to fix a critical flaw (CVE-2024-45195) that could lead to unauthenticated remote code execution. About CVE-2024-45195: Apache OFBiz is an open-source suite for enterprise resource planning (ERP), which contains web applications for human resources management, customer relationship management, accounting, marketing, etc. "Apache OFBiz is used by numerous large organizations, and previously disclosed vulnerabilities for it have seen exploitation in the wild

Must Read - Security Affairs (2023-08-27)
Irish Data Protection Commission fined Meta €91 million for storing passwords in readable format. The Irish Data Protection Commission (DPC) fined Meta €91 million for storing the passwords of hundreds of millions of users in plaintext. The Irish Data Protection Commission (DPC) has fined Meta Platforms Ireland Limited (MPIL) €91 million ($100 million) for storing the passwords of hundreds of millions of users in plaintext, violating data protection regulations. […] A cyberattack on Kuwait Health Ministry impacted hospitals in the country. The Kuwait Health Ministry is recovering from a cyberattack that disrupted systems at multiple

Social Media

Apocalyptic cyber-chaos looms as CVE-2024-32113 re-emerges, amplified by its sinister sibling CVE-2024-45195. The digital realm quivers in anticipation of a reality remix. Brace for an intellectual apocalypse, dear netizens! #IronicallyHashtagging https://t.co/SnFWicVUBZ

CVE-2024-32113: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.13. Users are recommended to upgrade to version 18.12.13, which fixes the issue. PoC https://t.co/uC8WfImv3J

A vulnerability has been found in Apache OfBiz enterprise application! (CVE-2024-32113) #cve #vulnerability #exploit #NewPost #Apache https://t.co/XwHDBEv4tq

Actively Exploited Apache OFBiz Flaw (CVE-2024-32113) Triggers Urgent Security Alert. A significant surge in scanning activity targeting this flaw began around July 20th, with daily reports peaking at nearly 2000 by the end of the month https://t.co/HnNIshRyQW

🚨🚨Actively Exploited Apache OFBiz Flaw Triggers Urgent Security Alert CVE-2024-32113 ZoomEye Dork👉app:"Apache OFBiz" The flaw, described as a path traversal issue, poses significant risks by potentially enabling attackers to execute malicious code remotely on systems running https://t.co/ic7FPKSf75

Increased Activity Against Apache #OFBiz CVE-2024-32113 https://t.co/PYVZlxKO75

Increased Activity Against Apache #OFBiz CVE-2024-32113 https://t.co/sIuP4nTTXw @sans_isc @sans_edu https://t.co/KQG0ECCm4R

CVE-2024-32113 - RCE Vulnerability in Apache OFBiz: Immediate Action Required https://t.co/m0eoAat66V

🚨 Apache has patched a critical RCE flaw in OFBiz ERP! CVE-2024-32113 allows path traversal, posing severe risks. Update to v18.12.13 now to protect your data and systems. https://t.co/NT7oUGvF1Z #Cybersecurity #ApacheOFBiz #UpdateNow #Infosec https://t.co/EJ5L7lEtDw

CVE-2024-32113 - RCE Vulnerability in Apache OFBiz: Immediate Action Required - https://t.co/Iv9tNQUIBz

Affected Software

Configuration 1
Type | Vendor | Product
App | Apache | ofbiz

References

Link
http://www.openwall.com/lists/oss-security/2024/05/09/1
https://issues.apache.org/jira/browse/OFBIZ-13006
https://lists.apache.org/thread/w6s60okgkxp2th1sr8vx0ndmgk68fqrd
https://ofbiz.apache.org/download.html
https://ofbiz.apache.org/security.html

CWE Details

CWE ID | CWE Name | Description
CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
