Apache Solr
Easy fix5 remedies
cpe:2.3:a:apache:solr:*:*:*:*:*:*:*
Easy fix5 remedies
- >= 7.7.2, < 7.7.3
Actively Exploited in the Wild
This vulnerability is being actively exploited in the wild.
Apache Solr DataImportHandler Remote Code Execution Vulnerability
Vulnerability
Exploited
Patched
A remote code execution vulnerability has been identified in Apache Solr versions prior to 8.2.0, specifically within the DataImportHandler module. This vulnerability arises because the 'dataConfig' parameter can be used to inject malicious scripts into the DataImportHandler configuration. Although the 'dataConfig' parameter is disabled by default in Solr 8.2.0 and later, it remains a security risk in previous versions.
Impact
Exploitation of this vulnerability allows for remote code execution on the server where Solr is running.
Reproduction
To reproduce this vulnerability, upload a malicious script through the 'dataConfig' parameter of the DataImportHandler. This can be done by enabling the 'dataConfig' parameter in a Solr request, which will allow the injection of scripts into the DataImportHandler configuration. Once the malicious script is uploaded, it can be executed on the server, leading to remote code execution.
Remediation
Users can upgrade to Apache Solr 8.2.0 or later, which disables the 'dataConfig' parameter by default. For those using Solr 7.7.1 or 7.7.2, the vulnerability can be addressed by applying the backport available in the Solr 8.1.2 release.
Added: Mar 16, 2026, 8:40 PM
Updated: Mar 16, 2026, 8:40 PM
Vulnerability Rating
Custom Algorithm
spread
4.5impact
10.0exploitability
7.5remediation
7.9relevance
0.0threat
9.9urgency
2.9incentive
0.0Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.