CVE-2023-41331
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2023-41331 is a remote command execution vulnerability affecting versions of SOFARPC, a Java RPC framework, prior to 5.11.0. An attacker can exploit it with a carefully crafted payload that triggers JNDI injection or system command execution during deserialization. SOFARPC's default configuration applies a blacklist to filter out harmful classes during deserialization, but the list does not cover certain native JDK classes and popular third-party packages that can still be abused. Version 5.11.0 includes a patch for this issue; as a temporary measure, users who cannot upgrade can extend the blacklist with `javax.sound.sampled.AudioFileFormat` to mitigate the risk.
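The weakness the summary describes is structural: a deny-list only stops the classes someone already thought to name, while every other type on the classpath passes. The example below is added here and is not code from the page or from SOFARPC; SOFARPC enforces its blacklist inside its Hessian serializer, and that mechanism is not shown on the page, so the JDK's `ObjectInputFilter` (JEP 290) is used as a stand-in to show the same decision logic. The deny-list entry is the class the advisory names as the interim mitigation; the allow-list contents, the class name `DeserializationFilterDemo`, and the sample payloads are assumptions constructed for the demo.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InvalidClassException;
import java.io.ObjectInputFilter;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.util.Date;
import java.util.Set;
import java.util.function.Function;

/**
 * Added example, not SOFARPC's own code. SOFARPC filters classes inside its
 * Hessian serializer; the JDK's ObjectInputFilter is used here as a stand-in
 * to contrast a deny-list (the default posture in the advisory) with an
 * allow-list. Allow-list entries and payloads are constructed for the demo.
 */
public class DeserializationFilterDemo {

    // Deny-list: extended with the class the advisory names as the interim
    // mitigation for CVE-2023-41331. Everything not listed is still accepted.
    static final Set<String> DENY_LIST = Set.of(
            "javax.sound.sampled.AudioFileFormat");

    // Allow-list (hypothetical): only the types this service actually exchanges.
    static final Set<String> ALLOW_LIST = Set.of(
            "java.lang.String", "java.lang.Integer", "java.lang.Long",
            "java.lang.Number", "java.util.ArrayList");

    /** Deny-list decision: anything not explicitly blocked is allowed. */
    static ObjectInputFilter.Status denyListDecision(String className) {
        return DENY_LIST.contains(className)
                ? ObjectInputFilter.Status.REJECTED
                : ObjectInputFilter.Status.ALLOWED;
    }

    /** Allow-list decision: anything not explicitly permitted is rejected. */
    static ObjectInputFilter.Status allowListDecision(String className) {
        return ALLOW_LIST.contains(className)
                ? ObjectInputFilter.Status.ALLOWED
                : ObjectInputFilter.Status.REJECTED;
    }

    /** Wraps a class-name decision as a JEP 290 filter on an ObjectInputStream. */
    static ObjectInputFilter asFilter(Function<String, ObjectInputFilter.Status> decision) {
        return info -> {
            Class<?> c = info.serialClass();
            // A null serialClass is a depth/reference/array-length check, not a class.
            if (c == null) {
                return ObjectInputFilter.Status.UNDECIDED;
            }
            // Judge arrays by their component type so String[] is treated as String.
            while (c.isArray()) {
                c = c.getComponentType();
            }
            if (c.isPrimitive()) {
                return ObjectInputFilter.Status.ALLOWED;
            }
            return decision.apply(c.getName());
        };
    }

    static byte[] serialize(Serializable value) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(bos)) {
            out.writeObject(value);
        }
        return bos.toByteArray();
    }

    static Object deserialize(byte[] data, ObjectInputFilter filter)
            throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(data))) {
            in.setObjectInputFilter(filter);
            return in.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        // Class names the deny-list was never told about pass straight through.
        String[] probes = {
                "javax.sound.sampled.AudioFileFormat", // blocked by the extended deny-list
                "java.util.Date"                       // ordinary JDK class, on neither list
        };
        for (String name : probes) {
            System.out.printf("%-40s deny-list=%-8s allow-list=%s%n",
                    name, denyListDecision(name), allowListDecision(name));
        }

        // Same contrast on real streams. The Date is a constructed, benign payload
        // standing in for any JDK type the service never meant to accept.
        byte[] expected = serialize("hello");
        byte[] unexpected = serialize(new Date(0));

        System.out.println(deserialize(expected, asFilter(DeserializationFilterDemo::allowListDecision)));
        System.out.println(deserialize(unexpected, asFilter(DeserializationFilterDemo::denyListDecision)));
        try {
            deserialize(unexpected, asFilter(DeserializationFilterDemo::allowListDecision));
        } catch (InvalidClassException e) {
            System.out.println("allow-list rejected: " + e.getMessage());
        }
    }
}
```

Running `main` shows the deny-list rejecting only the one named class while accepting `java.util.Date`, and the allow-list rejecting the `Date` stream with an `InvalidClassException`. Adding `javax.sound.sampled.AudioFileFormat` to SOFARPC's blacklist, as the advisory suggests, is the deny-list half of this picture; upgrading to 5.11.0 and restricting deserialized types to those the application actually expects is the durable fix.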