Myles Nieman
← All writeups

CVE-2023-46604

2 writeups

OpenAD

Hard

A default-credentialed Apache ActiveMQ 5.18.2 console on a Windows domain controller is exploited via CVE-2023-46604 for initial access; a Kerberos …

Windows

Broker

Easy

A default-credentialed Apache ActiveMQ 5.15.15 console reveals a version vulnerable to CVE-2023-46604 (OpenWire deserialization RCE); a sudo-allowed …

Linux