In this blog post, we'll explain how we discovered three critical vulnerabilities in Kafka UI and how they can be exploited.

The GitHub Blog provides updates, announcements, and insights from the world's leading software development platform, covering topics such as new features, community highlights, and industry trends. Developers can learn about GitHub's latest developments, best practices for collaboration, and tips for maximizing productivity on the platform.

GitHub Blog

Kafka UI, a popular open-source web app for managing Apache Kafka clusters, was found to have multiple Remote Code Execution (RCE) vulnerabilities due to lack of authentication and exposure to various attack vectors. These vulnerabilities, discovered in versions prior to 0.7.2, can be exploited through Groovy script execution, JMX connector misconfiguration, and JndiLoginModule. Users are advised to upgrade to version 0.7.2 for security fixes and implement additional precautions such as serialization filters to mitigate risks.

3 ways to get Remote Code Execution in Kafka UI

CVE-2023-52251: RCE via Groovy script execution