top of page
perceptive_background_267k.jpg

Eclipse Equinox OSGi 3.7.2 and earlier contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by sen…

Published:

4 May 2026 at 22:00:00

Alert date:

5 May 2026 at 20:13:49

Source:

nvd.nist.gov

Click to open the original link from this advisory

Enterprise Applications, Web Technologies

Eclipse Equinox OSGi 3.7.2 and earlier versions contain a critical remote code execution vulnerability (CVE-2023-54344) that allows unauthenticated attackers to execute arbitrary commands. Attackers can exploit this by connecting to the OSGi console port and sending base64-encoded bash commands wrapped in fork directives. The vulnerability enables complete system compromise through command execution and reverse shell establishment. No authentication is required to exploit this flaw, making it particularly dangerous for exposed systems. The vulnerability affects the console interface component of the OSGi framework.

Technical details

Mitigation steps:

Affected products:

Eclipse Equinox OSGi

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2023-54344
https://www.exploit-db.com/exploits/51879
https://www.vulncheck.com/advisories/eclipse-equinox-osgi-remote-code-execution-via-console

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page