Apache OFBiz Vulnerability CVE-2024-32113 Exploited in the Wild


Security researchers have observed an uptick in reconnaissance attempts targeting the CVE-2024-32113 vulnerability in Apache OFBiz. The vulnerability, described as a path traversal issue, poses significant risks by potentially enabling attackers to execute malicious code remotely on systems running vulnerable versions of the software.

According to the researchers, the vulnerability is being actively exploited. A significant surge in scanning activity targeting this flaw began around July 20th, peaking at nearly 2000 by the end of the month. Attackers are already experimenting with the vulnerability and potentially incorporating it into botnets like Mirai variants.

Several IP addresses have been identified as being involved in these scanning attempts.

  • 95.214.27.196
  • 83.222.191.62
  • 185.196.10.231

These IP addresses are contributing to the surge in scanning attempts, indicating that attackers are experimenting with the vulnerability and possibly incorporating it into automated attack tools, such as Mirai variants.

The Apache OFBiz team has released version 18.12.13 to address this critical issue. Organizations using Apache OFBiz are strongly urged to update to this version immediately to protect their systems and data.
