Apache OFBiz Users Warned of New and Exploited Vulnerabilities

August 5, 2024 at 07:54AM
Apache OFBiz users are advised to patch a critical vulnerability, CVE-2024-38856, after reports of increasing exploitation attempts. Versions through 18.12.14 are impacted, with a fix in 18.12.15. Another recently discovered flaw, CVE-2024-32113, has also been targeted by malicious actors, with exploitation attempts increasing. The security of these ERP systems is critical. …

Apache OFBiz RCE flaw exploited to find vulnerable Confluence servers

December 28, 2023 at 11:21AM
Apache OFBiz, which is used for business operations, contains a critical pre-authentication remote code execution vulnerability, CVE-2023-49070, that is being actively exploited. The patch for that issue was found to be incomplete, which led to the discovery of a bypass flaw, CVE-2023-51467. Users are urged to upgrade to version 18.12.11 due to the risk of …