CVE-2024-36104

Critical · Exploited · Nuclei

Apache OFBiz <18.12.14 - Path Traversal

Title source: llm

Exploitation Summary

CVE-2024-36104 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 2 public exploits from researchers including Mr-xn and ggfzx. A Nuclei detection template is also available.

AI-analyzed exploit summary: The repository contains a functional proof-of-concept exploit for CVE-2024-32113, demonstrating a path traversal vulnerability in Apache OFBiz leading to remote code execution (RCE). The exploit leverages a crafted HTTP POST request to execute arbitrary commands via Groovy script injection.

Description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.14. Users are recommended to upgrade to version 18.12.14, which fixes the issue.

Exploits (2)

GitHub · Working PoC · 27 stars
by Mr-xn · poc
https://github.com/Mr-xn/CVE-2024-32113

The repository contains a functional proof-of-concept exploit for CVE-2024-32113, demonstrating a path traversal vulnerability in Apache OFBiz leading to remote code execution (RCE). The exploit leverages a crafted HTTP POST request to execute arbitrary commands via Groovy script injection.

Classification: Working PoC (95%)
Attack type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Apache OFBiz before 18.12.14
Authentication: none required
Prerequisites: Network access to the target Apache OFBiz instance
Analyzed by devstral-2 on Feb 19, 2026
nomisec · Suspicious · 2 stars
by ggfzx · poc
https://github.com/ggfzx/CVE-2024-36104

The repository lacks actual exploit code and only provides a README with generic usage instructions and a screenshot. It does not include technical details about the vulnerability or functional exploit code.

Classification: Suspicious (90%)
Attack type: Other
Complexity: N/A
Reliability: N/A
Target: Apache OFBiz (version <= 18.12.14)
Authentication: none required
Analyzed by devstral-2 on Feb 18, 2026

Nuclei Templates (1)

Apache OFBiz - Directory Traversal & Remote Code Execution
Critical · Verified · by Co5mos
Shodan: http.title:"ofbiz" || http.html:"apache ofbiz" || http.html:"ofbiz" || ofbiz.visitor=
FOFA: app="apache_ofbiz" || body="apache ofbiz" || title="ofbiz"

Scores

CVSS v3: 9.1
EPSS: 0.8788
EPSS percentile: 99.7%
Attack vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: no
Technical impact: total

Details

VulnCheck KEV: 2024-08-19
CWE: CWE-22
Status: published
Products (1): apache/ofbiz < 18.12.14
Published: Jun 04, 2024
Tracked since: Feb 18, 2026