Threat actors are actively exploiting a recently disclosed critical security flaw in Apache HugeGraph-Server, potentially leading to remote code execution attacks. Identified as CVE-2024-27348 (CVSS score: 9.8), this vulnerability affects all versions of the software before 1.3.0 and is described as a remote command execution flaw in the Gremlin graph traversal language API.
The Apache Software Foundation advised users to upgrade to version 1.3.0 with Java11 and enable the Auth system to fix the issue. Additionally, enabling the “Whitelist-IP/port” function can enhance the security of RESTful-API execution.
SecureLayer7, a penetration testing company, released additional technical specifics in early June, highlighting the flaw’s ability to bypass sandbox restrictions and achieve code execution, giving attackers complete control over a vulnerable server.
This week, the Shadowserver Foundation reported in-the-wild exploitation attempts leveraging the flaw, making it crucial for users to apply the latest fixes without delay. “We are observing Apache HugeGraph-Server CVE-2024-27348 RCE ‘POST /gremlin’ exploitation attempts from multiple sources,” said the foundation. “Proof-of-concept code has been public since early June. If you run HugeGraph, make sure to update.”
🚨Patch Now🚨
Critical Apache HugeGraph Vulnerability Under Attack
CVE-2024-27348 CVSS: 9.8ZoomEye Dork👉app:”Apache HugeGraph”
The flaw, impacting Apache HugeGraph-Server versions 1.0.0 to 1.2.1 running on Java 8 or Java 11, resides in the graph database’s Gremlin traversal… https://t.co/HLk8XsaAyR pic.twitter.com/z7I2c7RArC
— ZoomEye (@zoomeye_team) July 17, 2024
Vulnerabilities in Apache projects have been lucrative targets for nation-state and financially motivated threat actors in recent years, with flaws in Log4j, ActiveMQ, and RocketMQ heavily exploited to infiltrate target environments.
Prompt action is essential to secure systems against this critical vulnerability.
Start Growing with Cloudways Today.
Our Clients Love us because we never compromise on these
Abdul Rehman
Abdul is a tech-savvy, coffee-fueled, and creatively driven marketer who loves keeping up with the latest software updates and tech gadgets. He’s also a skilled technical writer who can explain complex concepts simply for a broad audience. Abdul enjoys sharing his knowledge of the Cloud industry through user manuals, documentation, and blog posts.