HTTP: Apache OFBiz createAnonContact Server-Side Template Injection
This signature detects attempts to exploit a known vulnerability against Apache OFBiz. A successful attack can lead to command injection and arbitrary code execution.
Extended Description
In Apache OFBiz, versions 18.12.05 and earlier, an attacker acting as an anonymous user of the ecommerce plugin, can insert a malicious content in a message Subject field from the "Contact us" page. Then a party manager needs to list the communications in the party component to activate the SSTI. A RCE is then possible.
Affected Products
Apache ofbiz
Short Name
HTTP:APACHE:OFBIZ-CRTANON-SSTI
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Apache CVE-2022-25813 Injection OFBiz Server-Side Template createAnonContact
Release Date
09/14/2022
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3526
False Positive
Unknown
Vendors
Apache