The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request. Therefore, we can write a file and then move it to any directory, thereby causing arbitrary file writing vulnerability.
Affected version: Apache ActiveMQ 5.x - 5.13.x
FOFA query rule: app="Apache-ActiveMQ"
