Exploit for #VU23850 Code Injection in Apache Solr

Cybersecurity Help s.r.o.

Published: 2020-04-02 | Updated: 2020-12-16

Vulnerability identifier: #VU23850

Vulnerability risk: Medium

CVSSv4.0: 8.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Green]

CVE-ID: CVE-2019-17558

CWE-ID: CWE-94

Exploitation vector: Network

Exploits in database: 2

December 16, 2020
- Exploit_CVE-2019-17558-RCE (Apache Solr 1.4 Injection to get a shell) [Github]
April 2, 2020
- Apache Solr Remote Code Execution via Velocity Template [Metasploit]

Vulnerable software:
Apache Solr
Client/Desktop applications / Other client software

Vendor: Apache Foundation