Apache Dubbo Deserialization Vulnerability Notice (CVE-2023-23638)
março 14, 2023
Overview Recently, NSFOCUS CERT detected that Apache officially issued a security notice, fixing an Apache Dubbo deserialization vulnerability (CVE-2023-23638). Due to the flaws in Apache Dubbo’s deserialization security check, remote attackers can construct malicious data packets to conduct deserialization attacks, and finally execute arbitrary code on the target system. Affected users are requested to take […]
Apache Hadoop Remote Code Execution Vulnerability (CVE-2022-25168) Alert
agosto 16, 2022
Overview Recently, NSFOCUS CERT found that Apache Hadoop officially fixed a command injection vulnerability. Since Apache Hadoop’s FileUtil.unTar API does not escape the input filename before passing it to the shell, an attacker could exploit this vulnerability to inject arbitrary commands and thus achieve remote code execution. Affected users are recommended to take steps to […]
Apache Struts Remote Code Execution Vulnerability S2-062 (CVE-2021-31805) Alert
abril 14, 2022
Overview On April 13, 2022, NSFOCUS CERT detected that Struts officially issued a security notice and fixed a remote code execution vulnerability S2-062 (CVE-2021-31805). This vulnerability is not fully repaired for S2-061. When developers use the %{…} syntax to force OGNL parsing, there are still some special TAG attributes that can be parsed twice; attackers […]
Analysis of Log4j2 0-Day Vulnerability from the Perspective of Supply Chain
dezembro 23, 2021
The outbreak of Log4j2 vulnerability has caused an uproar all over the world, with a wide range of influence and great harm second to none. The event is a typical supply chain event caused by open source software. The vulnerability of upstream software affects the products of downstream industries. The complex dependency expands the scope […]
Apache Flink Directory Traversal Vulnerability (CVE-2020-17518/17519) Threat Alert
janeiro 13, 2021
Overview
Recently, Apache Flink announced two directory traversal vulnerabilities, CVE-2020-17518 and CVE-2020-17519. Currently, Apache Flink has released a new version to fix the preceding vulnerability. Affected users are advised to upgrade as soon as possible.
(mais…)Apache DolphinScheduler High-Risk Vulnerabilities (CVE-2020-11974, CVE-2020-13922) Handling Guide
setembro 26, 2020
1. Vulnerability Description
On September 11, 2020, NSFOCUS detected that the Apache Software Foundation released security advisories fixing Apache DolphinScheduler permission overwrite vulnerability (CVE-2020-13922) and Apache DolphinScheduler remote code execution vulnerability (CVE-2020-11974). CVE-2020-11974 is related to mysql connectorj remote code execution vulnerability. When choosing mysql as database, an attacker could execute code remotely on the DolphinScheduler server by inputting {“detectCustomCollations”:true, “autoDeserialize”:true} through jdbc connect parameters. CVE-2020-13922 allows an ordinary user to overwrite other users’ passwords in the DolphinScheduler system through api interface /dolphinscheduler/users/update. Affected users are advised to upgrade without delay.
(mais…)Apache Kylin Remote Code Execution Vulnerability (CVE-2020-1956) Threat Alert
junho 9, 2020
Vulnerability Description Recently, Apache released a security advisory to announce the fix of a remote code execution vulnerability (CVE-2020-1956) in Apache Kylin. Apache Kylin has some RESTful APIs that will associate OS commands with user-typed strings. As Apache Kylin fails to properly verify user inputs, an attacker could execute arbitrary system commands without authorization. Currently, […]
Apache Solr Remote Code Execution Vulnerability (CVE-2019-0193) Threat Alert
agosto 13, 2019
1 Vulnerability Overview
Recently, Apache Software Foundation (ASF) issued a security bulletin to announce the fix of the remote arbitrary code execution vulnerability (CVE-2019-0193) in Apache Solr. This vulnerability exists in the DataImportHandler module, a common module used to import data from databases or other sources. The whole DIH configuration of this module can come from the dataConfig parameter included in an external request. As a DIH configuration can contain scripts, this parameter is a security risk. (mais…)
Apache Axis Remote Code Execution Vulnerability (CVE-2019-0227) Threat Alert
abril 19, 2019
Overview
The default service StockQuoteService.jws in Axis contains a hard-coded HTTP URL, which can be used to trigger an HTTP request. An attacker can conduct a man-in-the-middle (MITM) attack by taking control of a domain (www.xmltoday.com) or performing ARP poisoning against the targeted Axis server, and then redirect the HTTP request to a malicious web server before remotely executing code on the Apache Axis server (CVE-2019-0227). (mais…)
Apache HTTP Server Privilege Escalation Vulnerability (CVE-2019-0211) Threat Alert
abril 8, 2019
Overview
Recently, Apache Software Foundation released a security advisory, announcing remediation of a privilege escalation vulnerability (CVE-2019-0211) in the Apache HTTP Server. Apache HTTP Server running MPM event, worker or prefork could allow an attacker to gain elevated privileges on the system by executing code in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter). By manipulating the scoreboard, an attacker could exploit this vulnerability to gain privileges of the parent process (usually root) and execute arbitrary code on the system. (mais…)
