¡¾·ì϶¹«¸æ¡¿Apache ActiveMQ NMS AMQP ·´ÐòÁл¯·ì϶(CVE-2025-54539)

°ä²¼¹¦·ò 2025-10-17

Ò»¡¢¡¢¡¢·ì϶¸ÅÊö


·ì϶Ãû³Æ

Apache ActiveMQ NMS AMQP ·´ÐòÁл¯·ì϶

CVE   ID

CVE-2025-54539

·ì϶ÀàÐÍ

·´ÐòÁл¯·ì϶

·¢ÏÖ¹¦·ò

2025-10-17

·ì϶ÆÀ·Ö

9.8

·ì϶µÈ¼¶

ÑÏÖØ

¹¥»÷ÏòÁ¿

ÍøÂç

ËùÐèȨÏÞ

ÎÞ

ÀûÓÃÄѶÈ

µÍ

Óû§½»»¥

±ØÒª

PoC/EXP

δ¹«¿ª

ÔÚÒ°ÀûÓÃ

δ·¢ÏÖ


Apache ActiveMQÊÇÒ»¿îÓÉApacheÈí¼þ»ù½ð»á¿ª·¢µÄ¿ªÔ´ÐÂÎÅÖÐÑë¼þ£¬ £¬Ö§³ÖJMS¡¢¡¢¡¢AMQP¡¢¡¢¡¢MQTT¡¢¡¢¡¢STOMPµÈ¶àÖÖÐÂÎźÍ̸ ¡£ËüÓÃÓÚ¹¹½¨¸ß¿¿µÃסµÄÒì²½ÐÂÎÅ´«µÝϵͳ£¬ £¬ÊµÏÖÀûÓüäµÄ½âñîÓëÒ첽ͨѶ£¬ £¬¿í·ºÀûÓÃÓÚÆóÒµ¼¶ÐÂÎŶÓÁС¢¡¢¡¢É¢²¼Ê½ÏµÍ³Óë΢·þÎñ¼Ü¹¹ÖÐ ¡£


2025Äê10ÔÂ17ÈÕ£¬ £¬OG¶«·½Ìü¼¯ÍÅVSRC¼à²âµ½Apache ActiveMQ NMS AMQP ClientµÄ·´ÐòÁл¯·ì϶£¬ £¬µ±Óë²»ÊÜÐÅÀµAMQP·þÎñÆ÷½»»¥Ê±£¬ £¬¿Í»§¶ËµÄ¶þ½øÖÆ·´ÐòÁл¯¿É±»ÀÄÓ㬠£¬¹¥»÷Õß¿ÉÄÜÖ´ÐÐËÁÒâ´úÂë ¡£ËäÔÚ2.1.0ÒýÈëallow/deny°×Ãûµ¥ÒÔÏ޶ȷ´ÐòÁл¯£¬ £¬µ«ÔÚijЩǰÌáÏ¿ɱ»Èƹý ¡£·ì϶ÆÀ·Ö9.8·Ö£¬ £¬·ì϶¼¶±ðÑÏÖØ ¡£


¶þ¡¢¡¢¡¢Ó°ÏìÁìÓò


Apache ActiveMQ NMS AMQP Client <= 2.3.0


Èý¡¢¡¢¡¢°²È«´ëÊ©


3.1 Éý¼¶°æ±¾


apache¹Ù·½ÒÑ°ä²¼ÐÞ¸´²¹¶¡£¬ £¬ÒÔÐÞ¸´¸Ã·ì϶ ¡£
Apache ActiveMQ NMS AMQP Client >= 2.4.0


ÏÂÔØÁ´½Ó£ºhttps://activemq.apache.org/


3.2 һʱ´ëÊ©


ÔÝÎÞ ¡£


3.3 ͨÓý¨Òé


? ¶¨ÆÚ¸üÐÂϵͳ²¹¶¡£¬ £¬Ï÷¼õϵͳ·ì϶£¬ £¬ÌáÉý·þÎñÆ÷µÄ°²È«ÐÔ ¡£
¼ÓǿϵͳºÍÍøÂçµÄ½Ó¼û½ÚÖÆ£¬ £¬Åú¸Ä·À»ðǽսÊõ£¬ £¬¹Ø±Õ·Ç±ØÒªµÄÀûÓö˿ڻò·þÎñ£¬ £¬Ï÷¼õ½«Î£ÏÕ·þÎñ£¨ÈçSSH¡¢¡¢¡¢RDPµÈ£©Â¶³öµ½¹«Íø£¬ £¬Ï÷¼õ¹¥»÷Ãæ ¡£
ʹÓÃÆóÒµ¼¶°²È«²úÆ·£¬ £¬ÌáÉýÆóÒµµÄÍøÂ簲ȫ»úÄÜ ¡£
¼ÓǿϵͳÓû§ºÍȨÏÞÖÎÀí£¬ £¬ÆôÓöà³É·ÖÈÏÖ¤»úÖƺÍ×îСȨÏÞ×¼Ôò£¬ £¬Óû§ºÍÈí¼þȨÏÞӦά³ÖÔÚ×îµÍÏÞ¶È ¡£
ÆôÓÃÇ¿ÃÜÂëÕ½Êõ²¢ÉèÖÃΪ¶¨ÆÚÅú¸Ä ¡£


3.4 ²Î¿¼Á´½Ó


https://seclists.org/oss-sec/2025/q4/47/
https://lists.apache.org/thread/9k684j07ljrshy3hxwhj5m0xjmkz1g2n/
https://nvd.nist.gov/vuln/detail/CVE-2025-54539