Apache NiFi H2 Connection String Remote Code Execution

The DBCPConnectionPool and HikariCPConnectionPool Controller Services in Apache NiFi 0.0.2 through 1.21.0 allow an authenticated and authorized user to configure a Database URL with the H2 driver that enables custom code execution. The exploit typically spawns several shells (5-7). Successfully tested against Apache NiFi 1.17.0 through 1.21.0.
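The vector above is the H2 connection string itself: H2 accepts an INIT setting in the JDBC URL that runs arbitrary SQL at connect time, and its SQL dialect can load code (RUNSCRIPT, CREATE ALIAS with a Java body), so any user permitted to edit a connection-pool Controller Service can turn the Database URL into a code-execution primitive. The check below is an added example, not code from the page or from the exploit: it audits the controller-service list that the NiFi REST API returns for H2 URLs and ranks any with connect-time execution settings as critical. The API response shape, the property display names ("Database Connection URL", "Database Driver Class Name") and the sample response are assumptions or constructed data; verify the property names against your NiFi version before relying on the output.

```python
"""Audit NiFi controller-service configurations for H2 JDBC connection URLs."""
import json
import re
from typing import Optional

# Property names as shown in the DBCPConnectionPool / HikariCPConnectionPool UI.
# Assumption: check these against the NiFi version you run; matched case-insensitively.
URL_PROPERTY = "database connection url"
DRIVER_PROPERTY = "database driver class name"

H2_URL = re.compile(r"^\s*jdbc:h2:", re.IGNORECASE)
# INIT= makes H2 execute SQL on every new connection; RUNSCRIPT / CREATE ALIAS /
# CREATE TRIGGER are the statements that load scripts or Java code from it.
H2_INIT_SETTING = re.compile(r";\s*INIT\s*=", re.IGNORECASE)
H2_CODE_LOADING_SQL = re.compile(r"RUNSCRIPT|CREATE\s+ALIAS|CREATE\s+TRIGGER", re.IGNORECASE)


def classify_url(url: str, driver: str = "") -> Optional[str]:
    """Return 'critical', 'high' or None for one connection URL / driver class pair.

    Any H2 URL is 'high' (the driver alone is enough for an editor to add INIT later);
    an H2 URL that already carries INIT= or code-loading SQL is 'critical'.
    """
    is_h2 = bool(H2_URL.match(url)) or driver.strip().lower() == "org.h2.driver"
    if not is_h2:
        return None
    if H2_INIT_SETTING.search(url) or H2_CODE_LOADING_SQL.search(url):
        return "critical"
    return "high"


def audit_controller_services(api_response: dict) -> list:
    """Walk a /nifi-api/flow/process-groups/{id}/controller-services response (assumed shape)."""
    findings = []
    for entity in api_response.get("controllerServices", []):
        comp = entity.get("component", {})
        props = {k.lower(): (v or "") for k, v in (comp.get("properties") or {}).items()}
        url = props.get(URL_PROPERTY, "")
        driver = props.get(DRIVER_PROPERTY, "")
        severity = classify_url(url, driver)
        if severity:
            findings.append({
                "id": comp.get("id"),
                "name": comp.get("name"),
                "type": comp.get("type"),
                "severity": severity,
                "url": url,
            })
    return findings


# Constructed sample response: one benign pool, one plain H2 pool, one with INIT=.
SAMPLE_RESPONSE = json.loads("""{
  "controllerServices": [
    {"component": {"id": "a1", "name": "warehouse",
      "type": "org.apache.nifi.dbcp.DBCPConnectionPool",
      "properties": {"Database Connection URL": "jdbc:postgresql://db:5432/warehouse",
                     "Database Driver Class Name": "org.postgresql.Driver"}}},
    {"component": {"id": "b2", "name": "scratch",
      "type": "org.apache.nifi.dbcp.HikariCPConnectionPool",
      "properties": {"Database Connection URL": "jdbc:h2:mem:scratch",
                     "Database Driver Class Name": "org.h2.Driver"}}},
    {"component": {"id": "c3", "name": "lookup",
      "type": "org.apache.nifi.dbcp.DBCPConnectionPool",
      "properties": {"Database Connection URL": "jdbc:h2:mem:x;INIT=RUNSCRIPT FROM 'http://127.0.0.1:8000/init.sql'",
                     "Database Driver Class Name": "org.h2.Driver"}}}
  ]
}""")

if __name__ == "__main__":
    for finding in audit_controller_services(SAMPLE_RESPONSE):
        print(f"[{finding['severity']}] {finding['name']} ({finding['id']}): {finding['url']}")
```

In practice, feed the function the JSON from a GET to the controller-services endpoint for the root process group (with `includeAncestorGroups`/descendant parameters as your version supports) and alert on any finding; the "high" tier is worth keeping because a benign H2 pool is one property edit away from the critical case.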

