CVE-2026-33453

Severity: CRITICAL 10.0 | EPSS: 6.1%

Apache camel-coap allows header injection that can lead to remote code execution

Published: 2026/4/27 | Modified: 2026/5/5

Description

Apache Camel's camel-coap component is vulnerable to header injection because it maps CoAP request URI query parameters directly into Camel message headers without applying a HeaderFilterStrategy. An unauthenticated attacker can send a crafted CoAP request to inject arbitrary Camel internal headers into the exchange. When a vulnerable route forwards that exchange to a header-sensitive downstream producer, the attacker may be able to control producer behavior. For example, in routes using camel-exec, injected headers can override the configured executable and arguments, which can result in arbitrary command execution with the privileges of the Camel process. Command output may be returned to the attacker in the CoAP response. This issue affects org.apache.camel:camel-coap from 4.14.0 through 4.14.5 and from 4.18.0 before 4.18.1. It is fixed in 4.14.6, 4.18.1, and 4.19.0.
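The route shape the description refers to, shown beside a hardened variant, as an added example that is not code from the advisory or from the Apache Camel project. The CoAP listen address, the path, the route ids and the command being run (uptime) are assumptions; the header names are the ones camel-exec documents (CamelExecCommandExecutable, CamelExecCommandArgs and the other CamelExec* headers). Upgrading camel-coap to 4.14.6, 4.18.1 or 4.19.0 is the actual fix; the route-level guard below is a defense-in-depth measure for routes that cannot be upgraded immediately.

```java
// Added example, not part of the advisory or of Apache Camel.
// Assumptions: listen address 0.0.0.0:5683, resource paths /status and
// /status-hardened, route ids, and "uptime" as the configured executable.
import org.apache.camel.builder.RouteBuilder;

public class CoapExecRoutes extends RouteBuilder {

    @Override
    public void configure() {

        // Vulnerable shape (affected camel-coap versions): every query parameter
        // of the incoming CoAP request is copied into a Camel message header with
        // no HeaderFilterStrategy applied. camel-exec takes its executable and
        // arguments from headers such as CamelExecCommandExecutable and
        // CamelExecCommandArgs when they are present, so an unauthenticated
        // sender can replace "uptime" and its arguments with its own command.
        // convertBodyTo(String.class) then returns the command output in the
        // CoAP response, which is the behaviour the advisory describes.
        from("coap://0.0.0.0:5683/status")
            .routeId("coap-status-vulnerable")   // assumed route id
            .to("exec:uptime")
            .convertBodyTo(String.class);

        // Hardened shape of the same route. Before the exchange reaches the exec
        // producer, drop every CamelExec* header so that nothing supplied by the
        // CoAP client can influence the command, and pin the arguments in the
        // endpoint URI instead of relying on headers for them. This guards the
        // exec producer only; other header-sensitive producers need the same
        // treatment with their own header prefix, and the version upgrade is
        // still required to stop the injection at the camel-coap consumer.
        from("coap://0.0.0.0:5683/status-hardened")
            .routeId("coap-status-hardened")     // assumed route id
            .removeHeaders("CamelExec*")         // strip injected exec control headers
            .to("exec:uptime?args=-p")           // executable and args fixed in the URI
            .convertBodyTo(String.class);
    }
}
```

A quick check for an existing deployment is to look at every route whose consumer is a coap: endpoint and list the producers it forwards to; any producer that reads its behaviour from headers (camel-exec being the example the advisory gives) is reachable by an unauthenticated CoAP sender while camel-coap is at an affected version.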

Affected packages (1): org.apache.camel:camel-coap

CVSS score

Source | Version  | Severity      | Vector
osv    | CVSS 3.1 | CRITICAL 10.0 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

References (11)