CVE-2023-54344

CRITICAL SEVERITY

CVSS Score & Metrics

Base Score

9.8 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H                                    

Vulnerability Description

Eclipse Equinox OSGi 3.7.2 and earlier contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by sending payloads to the console interface. Attackers can connect to the OSGi console port and send base64-encoded bash commands wrapped in fork directives to achieve code execution and establish reverse shell connections.

Vulnerability Details

Published Date

May 05, 2026

Last Modified

May 05, 2026

CWE ID

CWE-306

Source

NVD

Vendor

equinox

Product

[OSGi

External References

https://www.exploit-db.com/exploits/51879
https://www.vulncheck.com/advisories/eclipse-equinox-osgi-remote-code-execution-via-console

CVE-2023-54344

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment