Skip to content

Home Publications Apache Karaf Arbitrary File Write Vulnerability
Apache Karaf Arbitrary File Write Vulnerability
Tuesday, 07 May 2019 12:00

A vulnerability was reported in Config service of Apache Karaf prior to 4.2.5. Attacker may be able to travel in any directory and overwrite existing file. Apache Karaf users are advised to upgrade to 4.2.5 or later as soon as possible, or limit filesystem permission for the Karaf process user.

 
[YOUR IP: 100.26.176.182: 59896] ...   [YOUR BROWSER: CCBot/2.0 (https://commoncrawl.org/faq/)] ...