Apache ActiveMQ version 6.1.6 is prone to a denial-of-service (DoS) vulnerability. An attacker can exploit this vulnerability by sending specially crafted requests to the server, causing it to become unresponsive or crash.
This module exploits a directory traversal vulnerability (CVE-2015-1830) in Apache ActiveMQ 5.x before 5.11.2 for Windows. The module tries to upload a JSP payload to the /admin directory via the traversal path /fileserver/..admin using an HTTP PUT request with the default ActiveMQ credentials admin:admin (or other credentials provided by the user). It then issues an HTTP GET request to /admin/<payload>.jsp on the target in order to trigger the payload and obtain a shell.
Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files by sending an HTTP PUT followed by an HTTP MOVE request to the Fileserver web application.
An attacker could use this flaw to upload arbitrary files to the server, including a standard JSP shell, leading to remote code execution.
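For defenders, the PUT and MOVE requests to the Fileserver application and the follow-up GET of a JSP described above leave a recognisable trail in HTTP request logs. The following is an added detection example, not code from any of the modules or advisories quoted here; it assumes request logging in NCSA common log format, and the sample lines and rule names are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Constructed sample lines in NCSA common log format (not from a real server).
SAMPLE_LOG = """\
192.0.2.10 - admin [01/Jan/2024:10:00:01 +0000] "PUT /fileserver/..%5Cadmin%5Cx.jsp HTTP/1.1" 204 0
192.0.2.10 - admin [01/Jan/2024:10:00:03 +0000] "GET /admin/x.jsp HTTP/1.1" 200 12
198.51.100.7 - - [01/Jan/2024:10:05:00 +0000] "PUT /fileserver/a.txt HTTP/1.1" 204 0
198.51.100.7 - - [01/Jan/2024:10:05:02 +0000] "MOVE /fileserver/a.txt HTTP/1.1" 204 0
203.0.113.5 - - [01/Jan/2024:10:06:00 +0000] "GET /admin/queues.jsp HTTP/1.1" 200 5120
203.0.113.5 - - [01/Jan/2024:10:07:00 +0000] "GET /index.html HTTP/1.1" 200 900
"""

LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([A-Z]+) (\S+) [^"]*" (\d{3})')
WRITE_METHODS = {"PUT", "MOVE"}  # the two methods named in the descriptions above


def findings(log_text):
    """Return (client, rule, raw_path) tuples; rule names are hypothetical."""
    out, writers = [], set()
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        client, method, raw_path, _status = m.groups()
        # Drop the query string, decode %XX, and treat '\' like '/' (Windows hosts).
        path = unquote(raw_path.split("?", 1)[0]).replace("\\", "/").lower()
        if path.startswith("/fileserver/"):
            if ".." in path.split("/"):
                out.append((client, "fileserver-traversal", raw_path))
            if method in WRITE_METHODS:
                writers.add(client)
                out.append((client, "fileserver-" + method.lower(), raw_path))
        elif method == "GET" and path.endswith(".jsp") and client in writers:
            # A JSP fetched by a client that earlier wrote to the Fileserver app.
            out.append((client, "jsp-get-after-fileserver-write", raw_path))
    return out


if __name__ == "__main__":
    for client, rule, path in findings(SAMPLE_LOG):
        print(f"{rule:32} {client:15} {path}")
```

Ordinary console traffic, such as the GET of `/admin/queues.jsp` from a client that never wrote to `/fileserver/`, produces no finding.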