New users Hack in my Openfire

Hi Everybody!

I see several users being created daily in my Openfire, some with a generic name or openfiresupport, where they upload a plugin and then stop accessing it, is it some malware? how do i prevent external connection?
I removed the users and they are always recreated.

Sorry to hear about the problems, Paulo.

The root cause of this is CVE-2023-32315, please read the security advisory as soon as you can, it covers the steps you need to take to block this activity:


OMG! :hushed:

Tks cybermaggedon!!!

1 Like

I disabled external access which was rarely used as a stopgap until I managed to update Openfire, Thanks!