Apache ActiveMQ remote code execution flaw (CVE-2023-46604)
Vulnerability
Summary
Hide ▲
Show ▼
Apache ActiveMQ CVE-2023-46604 is a maximum-severity remote code execution flaw that can let attackers take over vulnerable Linux servers, and it is being used for initial access in the current campaign.
Related Happenings
MongoDB CVE-2025-14847 active exploitation worldwide
Exploitation Wave
First: 29.12.2025 09:49
Last: 29.12.2025 09:49
Sources 1
About this happening:
**CVE-2025-14847** is being **actively exploited** against **MongoDB** deployments, putting a global pool of **87,000+** potentially susceptible instances at risk. The wave matter...
MongoDB CVE-2025-14847 active exploitation worldwide
Exploitation WaveAbout this happening: **CVE-2025-14847** is being **actively exploited** against **MongoDB** deployments, putting a global pool of **87,000+** potentially susceptible instances at risk. The wave matter...
Timeline
-
19.08.2025 16:00 1 articles · 9mo ago
Active exploitation of Apache ActiveMQ CVE-2023-46604 on Linux servers
Initial DisclosureA campaign is exploiting CVE-2023-46604 in Apache ActiveMQ to compromise Linux servers, run reconnaissance, deploy Sliver framework or Cloudflare Tunnels for persistence, install a new loader dubbed DripDropper, and replace vulnerable JAR files with patched versions to hide the original entry point and block other attackers.
Show sources
- 'DripDropper' Hackers Patch Their Own Exploit — www.darkreading.com — 19.08.2025 16:00