When I first encountered Kafka UI, I was thrilled that such a dangerous functionality is exposed without authentication. After some time I discovered different ways to turn it to Remote Code Execution.

Here is the technical analysis of these vulnerabilities in my GitHub blog: https://github.blog/security/vulnerability-research/3-ways-to-get-remote-code-execution-in-kafka-ui/

Posted by Michael Stepankin at 3:48:00 AM