Mirai Botnet targeting OFBiz Servers Vulnerable to Directory Traversal
Aug 02, 2024
Vulnerability / Network Security
 Enterprise Resource Planning (ERP) Software is at the heart of many enterprising supporting human resources, accounting, shipping, and manufacturing. These systems can become very complex and difficult to maintain. They are often highly customized, which can make patching difficult. However, critical vulnerabilities keep affecting these systems and put critical business data at risk.   The SANS Internet Storm Center published a report  showing how the open-source ERP framework OFBiz is currently the target of new varieties of the Mirai botnet.  As part of its extensive project portfolio, the Apache Foundation supports OFBiz , a Java-based framework for creating ERP (Enterprise Resource Planning) applications. OFBiz appears to be far less prevalent  than commercial alternatives. However, just as with any other ERP system, organizations rely on it for sensitive business data, and the security of these ERP systems is critical.  In May this year, a critical security update  was releas...