CVE-2023-36542

HIGH EXPLOITED IN THE WILD

Apache NiFi <1.22.0 - Authenticated RCE

Title source: llm

Exploitation Summary

CVE-2023-36542 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io). EIP tracks 1 public exploit from researchers including shoucheng3.

AI-analyzed exploit summary This repository appears to be a legitimate Apache NiFi project with documentation and source code. It does not contain exploit code or a proof-of-concept for CVE-2023-36542, but rather general project files and READMEs.

Description

Apache NiFi 0.0.2 through 1.22.0 include Processors and Controller Services that support HTTP URL references for retrieving drivers, which allows an authenticated and authorized user to configure a location that enables custom code execution. The resolution introduces a new Required Permission for referencing remote resources, restricting configuration of these components to privileged users. The permission prevents unprivileged users from configuring Processors and Controller Services annotated with the new Reference Remote Resources restriction. Upgrading to Apache NiFi 1.23.0 is the recommended mitigation.

Exploits (1)

nomisec WRITEUP

by shoucheng3 · poc

https://github.com/shoucheng3/asf__nifi_CVE-2023-36542_1-22-0

View Code ZIP pw:eip

This repository appears to be a legitimate Apache NiFi project with documentation and source code. It does not contain exploit code or a proof-of-concept for CVE-2023-36542, but rather general project files and READMEs.

Classification

Writeup 90%

Attack Type

Other

Complexity

Trivial

Reliability

Theoretical

Target: Apache NiFi

No auth needed

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Not Applicable

http://seclists.org/fulldisclosure/2023/Jul/43

Mailing List, Third Party Advisory

http://www.openwall.com/lists/oss-security/2023/07/29/1

Vendor Advisory release-notes

https://nifi.apache.org/security.html#CVE-2023-36542

Issue Tracking, Mailing List, Vendor Advisory vendor-advisory

https://lists.apache.org/thread/swnly3dzhhq9zo3rofc8djq77stkhbof

Scores

CVSS v3 8.8

EPSS 0.0118

EPSS Percentile 79.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

VulnCheck KEV 2024-09-18

InTheWild.io 2024-09-18

CWE

CWE-94

Status published

Products (9)

apache/nifi 0.0.2 - 1.22.0

org.apache.nifi/nifi-cdc-mysql-bundle 0.0.2 - 1.23.0Maven

org.apache.nifi/nifi-dbcp-service 0.0.2 - 1.23.0Maven

org.apache.nifi/nifi-hadoop-dbcp-service 0.0.2 - 1.23.0Maven

org.apache.nifi/nifi-hbase_2-client-service 0.0.2 - 1.23.0Maven

org.apache.nifi/nifi-hikari-dbcp-service 0.0.2 - 1.23.0Maven

org.apache.nifi/nifi-jms-processors 0.0.2 - 1.23.0Maven

org.apache.nifi/nifi-record-serialization-services 0.0.2 - 1.23.0Maven

org.apache.nifi/nifi-standard-processors 0.0.2 - 1.23.0Maven

Published Jul 29, 2023

Tracked Since Feb 18, 2026