module
Kafka UI Unauthenticated Remote Command Execution via the Groovy Filter option.
| Disclosed |
|---|
| Sep 27, 2023 |
Disclosed
Sep 27, 2023
Description
A command injection vulnerability exists in Kafka ui between `v0.4.0` and `v0.7.1` allowing
an attacker to inject and execute arbitrary shell commands via the `groovy` filter parameter
at the `topic` section.
an attacker to inject and execute arbitrary shell commands via the `groovy` filter parameter
at the `topic` section.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.