CVE-2025-54466

Severity: Critical · Lab available

Apache OFBiz < 24.09.02 - Unauthenticated Remote Code Execution via Scrum Plugin

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-54466. PoCs published by exploitintel.

AI-analyzed exploit summary: This repository contains a functional exploit for CVE-2025-54466, demonstrating Remote Code Execution (RCE) in Apache OFBiz via SVN argument injection. The exploit leverages the `--diff-cmd` flag in SVN commands to execute arbitrary commands, with output returned in the HTTP response.

Description

Improper Control of Generation of Code ('Code Injection') vulnerability leading to a possible RCE in Apache OFBiz scrum plugin. This issue affects Apache OFBiz: before 24.09.02 only when the scrum plugin is used. Even unauthenticated attackers can exploit this vulnerability. Users are recommended to upgrade to version 24.09.02, which fixes the issue.

Exploits (1)

GitHub · Working PoC · 1 star
by exploitintel · Python PoC
https://github.com/exploitintel/eip-pocs-and-cves/tree/main/CVE-2025-54466

Classification: Working PoC (100%)
Attack type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Apache OFBiz (Scrum Plugin) versions before 24.09.02
Auth required: yes (per this exploit analysis; note that the advisory text above and the CVSS vector PR:N describe unauthenticated exploitation)
Prerequisites: Apache OFBiz with Scrum plugin enabled · Valid credentials (default: admin/ofbiz)
Analyzed by devstral-2 on Mar 02, 2026

References (6)

Scores

CVSS v3: 9.8
EPSS: 0.1411
EPSS percentile: 96.1%
Attack vector: NETWORK
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC (Vulnrichment)

Exploitation: none
Automatable: no
Technical impact: total

Lab Environment

EIP Lab
Vulnerable image: docker pull ghcr.io/exploitintel/cve-2025-54466-vulnerable:latest

Details

CWE: CWE-94
Status: published
Products (1): apache/ofbiz < 24.09.02
Published: Aug 15, 2025
Tracked since: Feb 18, 2026