Exploit for Code Injection in Apache Nifi CVE-2023-34468

Name: Exploit for Code Injection in Apache Nifi CVE-2023-34468
Rating: 5 (14 reviews)
2026-06-16 | CVSS 8.8
## https://sploitus.com/exploit?id=A34D1BC1-7B69-5F1F-A6EF-D572FB2CA379
# CVE-2023-34468 PoC for Apache NiFi

![Python](https://img.shields.io/badge/Python-3.x-blue)
![Apache NiFi](https://img.shields.io/badge/Apache-NiFi-orange)
![CVE](https://img.shields.io/badge/CVE-2023--34468-red)

Educational proof-of-concept (PoC) for **CVE-2023-34468** affecting **Apache NiFi** versions prior to **1.22.0**. This repository demonstrates how abuse of H2 JDBC URL configuration can lead to authenticated remote code execution (RCE) in vulnerable Apache NiFi installations.

---

# Overview

CVE-2023-34468 is an authenticated remote code execution vulnerability affecting Apache NiFi controller services.

The vulnerability stems from the ability to configure an H2 JDBC URL using the `INIT=RUNSCRIPT` feature, allowing arbitrary code execution when vulnerable controller services are enabled.

This repository demonstrates the vulnerability in authorized laboratory environments for educational and research purposes.

---

# Features

* Controller service state management
* Database Connection URL modification
* H2 JDBC `INIT=RUNSCRIPT` execution
* Apache NiFi API interaction
* Payload triggering workflow
* Educational proof-of-concept implementation

---

# Technical Details

### Vulnerability

* **CVE:** CVE-2023-34468
* **Product:** Apache NiFi
* **Type:** Authenticated Remote Code Execution (RCE)
* **Attack Vector:** H2 JDBC URL configuration
* **Affected Versions:** Apache NiFi 0.0.2 – 1.21.0
* **Fixed Version:** Apache NiFi 1.22.0

The vulnerability arises from abuse of H2 JDBC URLs through the `INIT=RUNSCRIPT` functionality. When a vulnerable controller service is enabled, an attacker with sufficient privileges may achieve arbitrary code execution.

---

# Requirements

* Python 3
* requests
* Apache NiFi <= 1.21.0

---

# Installation

```bash
git clone https://github.com/spikeyjr/CVE-2023-34468-PoC.git
cd CVE-2023-34468-PoC

pip install requests
```

---

# Usage

```bash
python3 cve_2023_34468_poc.py
```

---

# Repository Structure

```text
.
├── cve_2023_34468_poc.py
├── README.md
├── LICENSE
└── .gitignore
```

---

# Disclaimer

This repository is intended solely for educational purposes and authorized security testing.

Use this code only against systems you own or systems for which you have explicit permission to assess.

The author assumes no responsibility for misuse or damage caused by this software.

---

# References

### National Vulnerability Database (NVD)

https://nvd.nist.gov/vuln/detail/CVE-2023-34468

### Apache NiFi Security Advisory

https://nifi.apache.org/security.html

### Apache NiFi Project

https://nifi.apache.org/

---

# Keywords

CVE-2023-34468, Apache NiFi, H2 JDBC, INIT=RUNSCRIPT, authenticated RCE, proof-of-concept, PoC, remote code execution, cybersecurity, security research, penetration testing, Python, Apache NiFi exploit, CVE-2023-34468 PoC.