Overview Recently, a domestic security organization released a security advisory to announce a remote code execution vulnerability in Yongyou NC. An attacker could exploit this vulnerability to trigger a deserialization vulnerability via a crafted HTTP request, causing remote code execution on a target server. Yongyou NC is a piece of...
Category: Emergency Response
WebSphere Remote Code Execution Vulnerability (CVE-2020-4450) Threat Alert
Vulnerability Description On June 5, Beijing time, IBM released a security advisory to announce the fix of a remote code execution vulnerability (CVE-2020-4450) in WebSphere Application Server (WAS). This vulnerability is caused by deserialization of the IIOP protocol. An unauthenticated attacker could target the WAS server remotely via the IIOP...
Windows SMBv3 Remote Code Execution Vulnerability (CVE-2020-0796) Technical Analysis and Solution
Overview On March 11, Beijing time, Microsoft released March 2020 updates to fix vulnerabilities among which is a remote code execution vulnerability in Microsoft Server Message Block 3.1.1 (SMBv3) indicated in a security bulletin released earlier. This vulnerability exists in the way the Microsoft SMBv3 protocol handles certain requests. An...
Apache Kylin Remote Code Execution Vulnerability (CVE-2020-1956) Threat Alert
Vulnerability Description Recently, Apache released a security advisory to announce the fix of a remote code execution vulnerability (CVE-2020-1956) in Apache Kylin. Apache Kylin has some RESTful APIs that will associate OS commands with user-typed strings. As Apache Kylin fails to properly verify user inputs, an attacker could execute arbitrary...
Fastjson 1.2.68 and Earlier Remote Code Execution Vulnerability Threat Alert
Vulnerability Description On May 28, Fastjson 1.2.68 and before were reported to contain a remote code execution vulnerability that bypasses the autoType switch to implement deserialization of classes that contain security risks. Attackers could exploit this vulnerability to execute arbitrary code on the target machine. (more…)
Apache Tomcat Session Deserialization Code Execution Vulnerability (CVE-2020-9484) Threat Alert
Overview Recently, Apache Tomcat released a security advisory, announcing the fix of a remote code execution vulnerability (CVE-2020-9484) due to persistent session. An attacker can exploit this vulnerability only when the following conditions are met: The attacker can take control of the contents and name of a file on the...
