Hackers target Apache RocketMQ servers vulnerable to RCE attacks

January 5, 2024 at 12:38PM Security researchers have identified critical vulnerabilities, CVE-2023-33246 and CVE-2023-37582, in Apache RocketMQ. Despite an initial patch, these vulnerabilities remain active, impacting the NameServer component in RocketMQ version 5.1 and older. Attackers can exploit these flaws to execute commands and should upgrade to version 5.1.2/4.9.7 or higher to prevent attacks. ShadowServer … Read more