Emergency Response

Overview On January 19, NSFOCUS CERT detected that Apache released a security bulletin that disclosed three Log4j vulnerabilities, all of which affected the Apache Log4j 1.x version, and the official support and maintenance are no longer available. Please take measures as soon as possible to protect the relevant users. Apache log4j JMSSink Deserialization Code Execution […]

Overview On January 19, 2022, NSFOCUS CERT monitoring found that Oracle officially released the CPU (Critical Patch Update) in January. A total of 497 vulnerabilities of varying degrees were fixed this time. This security update involves Oracle WebLogic Server. , Oracle MySQL, Oracle Java SE, Oracle FusionMiddleware, Oracle Retail Applications and many other common products. […]

Overview On January 12, NSFOCUS CERT found that Apache issued a security notice to fix a remote code execution vulnerability (CVE-2021-43297) in Dubbo. Due to a deserialization vulnerability in Dubbo’s hessian-lite, an unauthenticated attacker could exploit the vulnerability to remotely execute arbitrary code on the target system. Most Dubbo users use Hessian2 as the serialization/deserialization […]

On December 9, NSFOCUS monitored the disclosure of the Apache Log4j2 remote code execution vulnerability (CVE-2021-44228) on the Internet. Apache Log4j2 is an open source Java logging framework, which is widely used in middleware, development frameworks and web applications to record log information. The vulnerability PoC has been made public on the Internet and can […]

Overview The update involves (CVE-2021-45046) and (CVE-2021-45105) vulnerability information, scope of influence, product rules, official version and workaround. On December 9 2021, NSFOCUS CRET has detected the disclosure of Apachelog4j Remote Code Execution Vulnerability (CVE-2021-44228). Due to the recursive parsing of some functions of apachelog4j2, unauthenticated attackers can execute arbitrary code on target servers by […]

Overview On December 15th, NSFOCUS CERT monitored that Microsoft released the December security update patch, which fixed 67 security issues, involving widely used products such as Windows, Microsoft Office, Microsoft Visual Studio, and Microsoft PowerShell, including privilege escalation, remote Types of high-risk vulnerabilities such as code execution. Among the vulnerabilities fixed by Microsoft’s monthly update […]

Overview On December 9 2021, NSFOCUS CRET has detected the disclosure of Apachelog4j Remote Code Execution Vulnerability (CVE-2021-44228). Due to the recursive parsing of some functions of apachelog4j2, unauthenticated attackers can execute arbitrary code on target servers by sending a specially constructed data request packet. The vulnerability PoC has been disclosed on the Internet and […]

Overview Recently, NSFOCUS monitored that researchers disclosed the exploitation program of GitLab remote command execution vulnerability (CVE-2021-22205), and found that the existence of unauthorized endpoints in GitLab cause the vulnerability exploitable without authentication. Both Community Edition (CE) and Enterprise Edition (EE) are affected. On April 15, GitLab official released a security update to fix the […]

Overview Recently, CODESYS officially issued four security update advisories that fixed 10 vulnerabilities in CODESYS V2. NSFOCUS received a letter of acknowledgement from CODESYS for NSFOCUS Gewu Lab’s reporting of three vulnerabilities that were rated high-risk. All of the three vulnerabilities are exploited for attacks via private communication protocols supported by CODESYS runtime. By using […]

Overview On October 20, 2021, NSFOCUS detected that Oracle released the October Critical Patch Update (CPU), which fixed 419 vulnerabilities of varying risk levels. The update involves multiple commonly used products, such as Oracle MySQL, Oracle WebLogic Server, Oracle Java SE, Oracle Fusion Middleware and Oracle Retail Applications. Oracle strongly recommends that users fix these […]