OpenFire Code Execution

by Adam Baldwin

We have identified a number of vulnerabilities that affect the OpenFire 3.7.1 XMPP server, one of which uses cross-site request forgery to upload and execute a malicious plugin.
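The plugin-upload CSRF summarized above works only because the admin console accepts a state-changing request without proving that the browser sent it from the console itself. The following is an added defender-side example, not code from the advisory or from the OpenFire project: a synchronizer-token check combined with an Origin/Referer check of the kind that would block such a forged upload request. The admin console origin, the upload endpoint path, the form field name and the session model are all assumptions made for the illustration.

```python
"""Added example (not from the advisory or OpenFire): CSRF protection for an
admin plugin-upload handler. Origin, endpoint path and field names are assumed."""
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

ADMIN_ORIGIN = "https://xmpp.example.org:9091"  # assumed admin-console origin
UPLOAD_PATH = "/plugin-admin-upload"            # hypothetical upload endpoint


@dataclass
class Session:
    """Authenticated admin session carrying a per-session anti-CSRF token."""
    sid: str
    csrf_token: str = field(default_factory=lambda: secrets.token_hex(32))


@dataclass
class Request:
    method: str
    path: str
    headers: Dict[str, str]
    form: Dict[str, str]
    session: Optional[Session]


def csrf_check(req: Request) -> Tuple[bool, str]:
    """Return (allowed, reason). Only state-changing methods are checked."""
    if req.method in ("GET", "HEAD", "OPTIONS"):
        return True, "safe method"
    if req.session is None:
        return False, "no authenticated session"
    # 1. The request must come from the console's own origin. A forged
    #    request from another site carries a foreign Origin/Referer (or
    #    "null"), which is rejected here regardless of the victim's cookies.
    origin = req.headers.get("Origin") or req.headers.get("Referer", "")
    if not origin.startswith(ADMIN_ORIGIN + "/") and origin != ADMIN_ORIGIN:
        return False, "cross-origin request from %r" % (origin or "<none>")
    # 2. The submitted token must match the session token. A third-party
    #    page cannot read it, so it cannot forge a matching form post.
    submitted = req.form.get("csrf", "")
    if not hmac.compare_digest(submitted, req.session.csrf_token):
        return False, "missing or invalid CSRF token"
    return True, "ok"


def sample_requests(session: Session) -> Dict[str, Request]:
    """Constructed sample requests: one legitimate upload, two forged ones."""
    return {
        # Legitimate form post from the console, carrying the session token.
        "legit": Request("POST", UPLOAD_PATH, {"Origin": ADMIN_ORIGIN},
                         {"csrf": session.csrf_token, "plugin": "x.jar"}, session),
        # Forged post from a third-party page; cookies present, token unknown.
        "forged_foreign": Request("POST", UPLOAD_PATH,
                                  {"Referer": "https://attacker.example/page"},
                                  {"plugin": "x.jar"}, session),
        # Forged post with a guessed token but no usable origin information.
        "forged_null_origin": Request("POST", UPLOAD_PATH, {"Origin": "null"},
                                      {"csrf": "0" * 64, "plugin": "x.jar"}, session),
    }


def evaluate(session: Session) -> Dict[str, Tuple[bool, str]]:
    """Run the check over the constructed requests and return the verdicts."""
    return {name: csrf_check(r) for name, r in sample_requests(session).items()}


if __name__ == "__main__":
    for name, (allowed, why) in evaluate(Session("admin-1")).items():
        print("%-20s %-8s %s" % (name, "ALLOW" if allowed else "DENY", why))
```

The two checks are deliberately independent: the origin check alone fails if a browser omits both headers, and the token check alone fails if the token ever leaks through the stored or reflected XSS listed below, so a handler that performs a privileged action such as installing a plugin should require both.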

Findings include vulnerabilities in the following classes:

  • Cross-Site Scripting (Stored & Reflected)
  • Cross-Site Request Forgery

Download the advisory

Reverse Shell Plugin Source (connects to 127.0.0.1:4444)