
CVE-2024-23636

SOFARPC Remote Command Execution (RCE) Vulnerability



Description

SOFARPC is a Java RPC framework. By default, SOFARPC uses the SOFA Hessian protocol to deserialize received data, and SOFA Hessian relies on a blacklist mechanism that blocks deserialization of known dangerous classes as its security protection. However, prior to version 5.12.0, there is a gadget chain that bypasses the SOFA Hessian blacklist; this gadget chain relies only on the JDK and does not depend on any third-party components. Version 5.12.0 fixes the issue by adding the chain to the blacklist. SOFARPC also provides a way to supply additional blacklist entries: users can add a class prefix such as `-Drpc_serialize_blacklist_override=org.apache.xpath.` to mitigate this issue on earlier versions.

Reserved 2024-01-19 | Published 2024-01-23 | Updated 2024-10-18 | Assigner GitHub_M


CRITICAL: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Problem types

CWE-502: Deserialization of Untrusted Data

Product status

< 5.12.0: affected

References

github.com/...fa-rpc/security/advisories/GHSA-7q8p-9953-pxvr

github.com/...ommit/42d19b1b1d14a25aafd9ef7c219c04a19f90fc76

cve.org (CVE-2024-23636)

nvd.nist.gov (CVE-2024-23636)

https://cve.threatint.com/CVE/CVE-2024-23636