CVE-2025-24814

Remote Code Execution
Affects: Apache Solr <9.8.0 (Apache Solr & Lucene)
Patch Available

This vulnerability has been fixed in the Never-Ending Support (NES) version offered by HeroDevs.

Overview

Apache Solr is an open-source search platform built on Apache Lucene, designed for scalable, high-performance search and indexing. It supports full-text search, faceted search, real-time indexing, distributed searching, and high availability. Solr is widely used in applications requiring fast and efficient search capabilities, such as e-commerce, enterprise search, and log analytics. 

A Remote Code Execution (RCE) vulnerability (CVE-2025-24814) has been identified in the FileSystemConfigSetService component, which Solr uses in standalone (user-managed) mode. On instances without authentication and authorization, it allows an attacker to replace files of a trusted configset with arbitrary versions and, through the <lib> directive in solrconfig.xml, load malicious code into Solr's classpath as a plugin.

Per the Open Web Application Security Project (OWASP): "Code Injection occurs when untrusted data is sent to an interpreter as part of a command or query. The attacker's hostile data can trick the interpreter into executing unintended commands or accessing data without proper authorization."

This issue affects versions below 9.8.0.

Details

Vulnerability Info

A security vulnerability has been identified in Apache Solr versions up to and including 9.7 that allows unauthorized configuration changes in certain deployment scenarios. Instances running in "standalone" (user-managed) mode, which use the FileSystemConfigSetService component, are at risk when authentication and authorization are not enabled. When a core is created from a trusted configset, individual files of that configset can be replaced by arbitrary versions present on the filesystem, and the replacements are still treated as trusted. A trusted solrconfig.xml may use the <lib> directive to add JAR files to Solr's classpath, so an attacker who controls the replacement can load a malicious JAR as a custom plugin or component and achieve remote code execution.

To mitigate this risk, enable authentication and authorization, or move to SolrCloud, which does not use the affected FileSystemConfigSetService component. Upgrading to Solr 9.8.0 is strongly recommended: that release disables the <lib> directive by default, closing the attack vector. Custom JARs should instead be placed directly on Solr's classpath (for example in the lib directory under the Solr home) or installed through Solr's package management system.
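As an added example (not Apache Solr code and not part of the original advisory), the following Python script audits a standalone Solr home for the two preconditions described above: <lib> directives in any solrconfig.xml, and the absence of a security.json, meaning no authentication or authorization is configured. The sample directory layout and both solrconfig.xml files are constructed inline: one carries the <lib> directives in the two attribute forms Solr accepts (dir plus regex, and path), the other is the hardened copy with the directives removed. The check is a heuristic: it does not verify that core creation is reachable, and the security.json location assumes standalone mode (SolrCloud keeps it in ZooKeeper).

```python
"""Audit a standalone Solr home for the CVE-2025-24814 preconditions.

Added example, not Apache Solr code. Flags every <lib> directive found in a
solrconfig.xml under SOLR_HOME and reports whether security.json exists.
"""
import tempfile
import xml.etree.ElementTree as ET
from pathlib import Path

# Constructed sample: a solrconfig.xml that pulls JARs into the classpath.
# Both documented <lib> forms are shown: dir + regex, and an explicit path.
VULNERABLE_SOLRCONFIG = r"""<config>
  <luceneMatchVersion>9.7</luceneMatchVersion>
  <lib dir="${solr.install.dir}/contrib/extraction/lib" regex=".*\.jar" />
  <lib path="/tmp/plugins/evil.jar" />
  <requestHandler name="/select" class="solr.SearchHandler" />
</config>
"""

# Constructed sample: the same core config with the directives removed.
# Custom JARs go in $SOLR_HOME/lib or through the package manager instead.
HARDENED_SOLRCONFIG = r"""<config>
  <luceneMatchVersion>9.8</luceneMatchVersion>
  <requestHandler name="/select" class="solr.SearchHandler" />
</config>
"""


def find_lib_directives(xml_text: str) -> list[dict]:
    """Return the attributes of every <lib> element in a solrconfig.xml."""
    root = ET.fromstring(xml_text)
    return [dict(el.attrib) for el in root.iter("lib")]


def audit_solr_home(solr_home: Path) -> dict:
    """Scan every solrconfig.xml under solr_home and check for security.json."""
    findings = []
    for cfg in sorted(solr_home.rglob("solrconfig.xml")):
        for attrs in find_lib_directives(cfg.read_text(encoding="utf-8")):
            findings.append(
                {"file": cfg.relative_to(solr_home).as_posix(), **attrs}
            )
    # Standalone / user-managed mode reads security.json from SOLR_HOME;
    # SolrCloud stores it in ZooKeeper and does not use FileSystemConfigSetService.
    auth_configured = (solr_home / "security.json").is_file()
    return {
        "auth_configured": auth_configured,
        "lib_directives": findings,
        # <lib> present and no auth: the combination the advisory describes.
        "at_risk": bool(findings) and not auth_configured,
    }


def build_sample_solr_home(base: Path) -> Path:
    """Lay out a constructed SOLR_HOME with one bad and one clean configset."""
    for name, body in (("_default", VULNERABLE_SOLRCONFIG),
                       ("clean", HARDENED_SOLRCONFIG)):
        conf = base / "configsets" / name / "conf"
        conf.mkdir(parents=True)
        (conf / "solrconfig.xml").write_text(body, encoding="utf-8")
    (base / "solr.xml").write_text("<solr/>\n", encoding="utf-8")
    return base  # deliberately no security.json: auth is not configured


def demo() -> dict:
    """Build the sample home in a temp dir, audit it and return the report."""
    with tempfile.TemporaryDirectory() as tmp:
        return audit_solr_home(build_sample_solr_home(Path(tmp)))


if __name__ == "__main__":
    import json
    print(json.dumps(demo(), indent=2))
```

Run the file directly to print the report for the constructed sample; to audit a real installation, call audit_solr_home with the path Solr was started with as its home (the directory containing solr.xml). A non-empty lib_directives list on a pre-9.8.0 instance with auth_configured false is the case to fix first.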

Credit

  • pwn null

Mitigation

Apache Solr 8.x (up to and including 8.11.4) is no longer community-supported, and the community will not release updates for those versions to address this issue.

Users of the affected components should apply one of the following mitigations:

  • Upgrade Apache Solr to >=9.8.0.
  • Until the upgrade is done, enable authentication and authorization, or run Solr in SolrCloud mode, which does not use FileSystemConfigSetService.
  • Leverage a commercial support partner like HeroDevs for post-EOL security support.

Vulnerability Details

ID: CVE-2025-24814
Project affected: Apache Solr
Versions affected: <9.8.0
Published date: March 21, 2025
Fix date (approx.): March 21, 2025
Severity: Medium
Category: Remote Code Execution