CVE-2023-54342

Name of the Vulnerable Software and Affected Versions Eclipse Equinox OSGi versions 3.8 through 3.18

Description A remote code execution flaw exists in the console interface. Unauthenticated attackers can execute arbitrary code by exploiting the fork command functionality. This is achieved by establishing a telnet connection to the OSGi console, performing a telnet handshake, and sending fork commands to download and execute malicious Java code, which can result in a reverse shell connection.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.