Eclipse Equinox OSGi 3.7.2 and earlier contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by sen…

Eclipse Equinox OSGi version 3.7.2 and earlier contains a critical remote code execution vulnerability (CVE-2023-54344) that allows unauthenticated attackers to execute arbitrary commands through the console interface. Attackers can connect to the OSGi console port and send base64-encoded bash commands wrapped in fork directives to achieve code execution. The vulnerability enables attackers to establish reverse shell connections and gain unauthorized access to affected systems. This represents a significant security risk for applications using vulnerable versions of Eclipse Equinox OSGi framework.