{"id":10035,"date":"2020-02-14T10:05:30","date_gmt":"2020-02-14T10:05:30","guid":{"rendered":"https:\/\/nsfocusglobal.com\/?p=10035"},"modified":"2026-04-17T18:07:50","modified_gmt":"2026-04-17T18:07:50","slug":"fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert","status":"publish","type":"post","link":"https:\/\/nsfocusglobal.com\/pt-br\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\/","title":{"rendered":"FusionAuth Remote Code Execution Vulnerability (CVE-2020-7799) Threat Alert"},"content":{"rendered":"<p><!DOCTYPE html PUBLIC \"-\/\/W3C\/\/DTD HTML 4.0 Transitional\/\/EN\" \"http:\/\/www.w3.org\/TR\/REC-html40\/loose.dtd\"><br \/>\n<html><body><\/p>\n<ol>\n<li>\n<h2><strong><a name=\"_Toc130115382\"><\/a>Vulnerability Description<\/strong><\/h2>\n<\/li>\n<\/ol>\n<p>On January 28, 2019, Beijing time, NVD released a remote command execution vulnerability (CVE-2020-7799) in the Apache Freemarker template in FusionAuth. It is found that an authenticated user can edit email templates (<strong>Home &gt; Settings &gt; Email Templates<\/strong>) or themes (<strong>Home &gt; Settings &gt; Themes<\/strong>) in FusionAuth to execute arbitrary commands in the underlying operating system by using freemarker.template.utility.Execute in the Apache FreeMarker engine of custom templates.<!--more--><\/p>\n<p>FusionAuth is a modern open-source access management application that can be integrated with multiple technologies and platforms. You can configure and customize FusionAuth in various ways on the dashboard to provide authentication, authorization, and user management functions for any applications. As FusionAuth uses the Apache FreeMarker template engine and fails to properly sanitize user inputs, an attacker could exploit this vulnerability to impose a serious threat to server security. Currently, the vulnerability&#8217;s proof of concept (PoC) has been made publicly available and users should take related precautions as soon as possible.<\/p>\n<p>&nbsp;<\/p>\n<p>For details of this vulnerability, visit the following link:<\/p>\n<p>https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-7799<\/p>\n<h2><strong>Scope of Impact<\/strong><\/h2>\n<p><strong>Affected Versions<\/strong><\/p>\n<ul>\n<li>FusionAuth &lt;= 1.10.1<\/li>\n<\/ul>\n<p><strong>Unaffected Versions<\/strong><\/p>\n<ul>\n<li>FusionAuth &gt;= 1.11<\/li>\n<\/ul>\n<h2><strong>Vulnerability Detection<\/strong><\/h2>\n<ul>\n<li>Version Check<\/li>\n<\/ul>\n<p>Users can check the current FusionAuth version to determine whether this application is vulnerable.<\/p>\n<p>You can view the current FusionAuth version in the lower-left corner of the web-based manager of this application.<\/p>\n<p><a href=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/02\/0214-1.jpg\"><img fetchpriority=\"high\" decoding=\"async\" class=\"alignnone size-full wp-image-10036\" src=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/02\/0214-1.jpg\" alt=\"Red circular no entry sign with a white horizontal bar.\" width=\"329\" height=\"257\" srcset=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/02\/0214-1.jpg 329w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/02\/0214-1-300x234.jpg 300w\" sizes=\"(max-width: 329px) 100vw, 329px\" \/><\/a><\/p>\n<p>If the current version is within the affected scope, the application is potentially at risk.<\/p>\n<h2><strong>Mitigation<\/strong><\/h2>\n<ul>\n<li>Official Update\n<ul>\n<li>Fast Update<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>Users for fast installation can upgrade FusionAuth to the latest version in the following way:<\/p>\n<p>Linux:<\/p>\n<p>Users that install FusionAuth via a compressed package (ZIP) should first access the application&#8217;s installation directory to make FusionAuth stop running.<\/p>\n<table width=\"567\">\n<tbody>\n<tr>\n<td width=\"567\">\/bin\/shutdown.sh<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>Access the upper-level directory (for example, if the installation directory is \/usr\/local\/fusionauth, access \/usr\/local\/) of the installation directory and run the following command for upgrade:<\/p>\n<table width=\"567\">\n<tbody>\n<tr>\n<td width=\"567\">sh -c &#8220;curl -fsSL https:\/\/raw.githubusercontent.com\/FusionAuth\/fusionauth-install\/master\/install.sh | sh -s &#8211; -z&#8221;<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>Navigate to the installation directory and start FusionAuth:<\/p>\n<table width=\"567\">\n<tbody>\n<tr>\n<td width=\"567\">\/bin\/startup.sh<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>Users that install FusionAuth via a DEB or RPM package can run the following command for upgrade:<\/p>\n<table width=\"567\">\n<tbody>\n<tr>\n<td width=\"567\">sh -c &#8220;curl -fsSL https:\/\/raw.githubusercontent.com\/FusionAuth\/fusionauth-install\/master\/install.sh | sh&#8221;<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>Start FusionAuth:<\/p>\n<table width=\"567\">\n<tbody>\n<tr>\n<td width=\"567\">sudo service fusionauth-search start<\/p>\n<p>sudo service fusionauth-app start<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>Windows:<\/p>\n<p>Access the installation directory and make FusionAuth stop running:<\/p>\n<table width=\"567\">\n<tbody>\n<tr>\n<td width=\"567\">net stop FusionAuthApp<\/p>\n<p>net stop FusionAuthSearch<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>Install the latest version:<\/p>\n<table width=\"567\">\n<tbody>\n<tr>\n<td width=\"567\">iex (new-object net.webclient).downloadstring(&#8216;https:\/\/raw.githubusercontent.com\/FusionAuth\/fusionauth-install\/master\/install.ps1&#8217;)<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>Start FusionAuth:<\/p>\n<table width=\"567\">\n<tbody>\n<tr>\n<td width=\"567\">\\bin\\startup.bat<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>For the detailed upgrade procedure, see the official upgrade document available at the following link:<\/p>\n<p>https:\/\/fusionauth.io\/docs\/v1\/tech\/installation-guide\/fast-path<\/p>\n<ul>\n<li>Manual Update<\/li>\n<\/ul>\n<p>Users for manual installation can upgrade FusionAuth to the latest version in the following way:<\/p>\n<p>Linux:<\/p>\n<p>Access the installation directory, make FusionAuth stop running, and uninstall it:<\/p>\n<table width=\"567\">\n<tbody>\n<tr>\n<td width=\"567\"># Shut down the application:<\/p>\n<p>\/bin\/shutdown.sh<\/p>\n<p># Uninstall the application:<\/p>\n<p>rm -rf .\/fusionauth-app<\/p>\n<p>rm -rf .\/fusionauth-search<\/p>\n<p>rm -rf .\/bin<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>Download the latest application installation packages (V1.14.0) from the following links:<\/p>\n<p>https:\/\/storage.googleapis.com\/inversoft_products_j098230498\/products\/fusionauth\/1.14.0\/fusionauth-app-1.14.0.zip<\/p>\n<p>https:\/\/storage.googleapis.com\/inversoft_products_j098230498\/products\/fusionauth\/1.14.0\/fusionauth-search-1.14.0.zip<\/p>\n<p>Navigate to the installation directory and decompress the installation packages:<\/p>\n<table width=\"567\">\n<tbody>\n<tr>\n<td width=\"567\">unzip -nq new-fusionauth-app.zip<\/p>\n<p>unzip -nq new-fusionauth-search.zip<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>Start FusionAuth:<\/p>\n<table width=\"567\">\n<tbody>\n<tr>\n<td width=\"567\">\/bin\/startup.sh<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>Windows:<\/p>\n<p>Access the installation directory, make FusionAuth stop running, and uninstall it:<\/p>\n<table width=\"567\">\n<tbody>\n<tr>\n<td width=\"567\"># Make the application stop running:<\/p>\n<p>net stop FusionAuthApp<\/p>\n<p>net stop FusionAuthSearch<\/p>\n<p># Uninstall the application:<\/p>\n<p>cd \\fusionauth\\fusionauth-app\\apache-tomcat\\bin<\/p>\n<p>FusionAuthApp.exe \/uninstall<\/p>\n<p>cd \\fusionauth\\fusionauth-search\\elasticsearch\\bin<\/p>\n<p>FusionAuthSearch.exe \/uninstall<\/p>\n<p># Remove the original installation package:<\/p>\n<p>cd \\fusionauth<\/p>\n<p>move fusionauth-app fusionauth-app-old<\/p>\n<p>move fusionauth-search fusionauth-search-old<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>Download the latest application installation packages (V1.14.0) from the following links:<\/p>\n<p><a href=\"https:\/\/storage.googleapis.com\/inversoft_products_j098230498\/products\/fusionauth\/1.14.0\/fusionauth-app-1.14.0.zip\">https:\/\/storage.googleapis.com\/inversoft_products_j098230498\/products\/fusionauth\/1.14.0\/fusionauth-app-1.14.0.zip<\/a><\/p>\n<p><a href=\"https:\/\/storage.googleapis.com\/inversoft_products_j098230498\/products\/fusionauth\/1.14.0\/fusionauth-search-1.14.0.zip\">https:\/\/storage.googleapis.com\/inversoft_products_j098230498\/products\/fusionauth\/1.14.0\/fusionauth-search-1.14.0.zip<\/a><\/p>\n<p>Decompress the preceding compressed packages and install them:<\/p>\n<table width=\"567\">\n<tbody>\n<tr>\n<td width=\"567\"># Install packages:<\/p>\n<p>cd \\fusionauth\\fusionauth-app\\apache-tomcat\\bin<\/p>\n<p>FusionAuthApp.exe \/install<\/p>\n<p>cd \\fusionauth\\fusionauth-search\\elasticsearch\\bin<\/p>\n<p>FusionAuthSearch.exe \/install<\/p>\n<p># Start this application:<\/p>\n<p>net start FusionAuthSearch<\/p>\n<p>net start FusionAuthApp<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>For the detailed upgrade procedure, see the official upgrade document available at the following link:<\/p>\n<p>https:\/\/fusionauth.io\/docs\/v1\/tech\/installation-guide\/upgrade<\/p>\n<h2><strong>Statement<\/strong><\/h2>\n<p>This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and\/or indirect consequences and losses caused by transmitting and\/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add\/delete information to\/from it, or use this advisory for commercial purposes without permission from NSFOCUS.<\/p>\n<h2><strong>About NSFOCUS<\/strong><\/h2>\n<p>NSFOCUS Information Technology Co., Ltd. (NSFOCUS) was founded in April 2000. Headquartered in Beijing, the company has more than 30 branches and subsidiaries at home and abroad, providing most competitive security products and solutions for government, carrier, financial, energy, Internet, education, and healthcare sectors to ensure customers&#8217; business continuity.<\/p>\n<p>Based on years of research in security assurance, NSFOCUS has set foot in network and terminal security, Internet infrastructure security, and compliance and security management. The company provides the intrusion detection\/prevention system, anti-DDoS system, remote security assessment system, and web security protection products as well as professional security services for customers.<\/p>\n<p>NSFOCUS Information Technology Co., Ltd. started trading its shares at China&#8217;s Nasdaq-style market, ChiNext, in Shenzhen on January 29, 2014, with the name of NSFOCUS and code of 300369.<\/body><\/html><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Vulnerability Description On January 28, 2019, Beijing time, NVD released a remote command execution vulnerability (CVE-2020-7799) in the Apache Freemarker template in FusionAuth. It is found that an authenticated user can edit email templates (Home &gt; Settings &gt; Email Templates) or themes (Home &gt; Settings &gt; Themes) in FusionAuth to execute arbitrary commands in the [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":9273,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_coblocks_attr":"","_coblocks_dimensions":"","_coblocks_responsive_height":"","_coblocks_accordion_ie_support":"","footnotes":""},"categories":[6],"tags":[419],"class_list":["post-10035","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-emergency-response","tag-fusionauth"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>FusionAuth Remote Code Execution Vulnerability (CVE-2020-7799) Threat Alert - NSFOCUS<\/title>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"pt_BR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"FusionAuth Remote Code Execution Vulnerability (CVE-2020-7799) Threat Alert - NSFOCUS\" \/>\n<meta property=\"og:description\" content=\"Vulnerability Description On January 28, 2019, Beijing time, NVD released a remote command execution vulnerability (CVE-2020-7799) in the Apache\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nsfocusglobal.com\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\/\" \/>\n<meta property=\"og:site_name\" content=\"NSFOCUS\" \/>\n<meta property=\"article:published_time\" content=\"2020-02-14T10:05:30+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-04-17T18:07:50+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2019\/08\/cover.jpg\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"FusionAuth Remote Code Execution Vulnerability (CVE-2020-7799) Threat Alert - NSFOCUS\" \/>\n<meta name=\"twitter:description\" content=\"Vulnerability Description On January 28, 2019, Beijing time, NVD released a remote command execution vulnerability (CVE-2020-7799) in the Apache\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2019\/08\/cover.jpg\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. tempo de leitura\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\\\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/person\\\/fd9ab61c9c77a81bbd870f725cc0c61d\"},\"headline\":\"FusionAuth Remote Code Execution Vulnerability (CVE-2020-7799) Threat Alert\",\"datePublished\":\"2020-02-14T10:05:30+00:00\",\"dateModified\":\"2026-04-17T18:07:50+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\\\/\"},\"wordCount\":927,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2019\\\/08\\\/cover.jpg\",\"keywords\":[\"FusionAuth\"],\"articleSection\":[\"Emergency Response\"],\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/nsfocusglobal.com\\\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\\\/\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\\\/\",\"name\":\"FusionAuth Remote Code Execution Vulnerability (CVE-2020-7799) Threat Alert - NSFOCUS\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2019\\\/08\\\/cover.jpg\",\"datePublished\":\"2020-02-14T10:05:30+00:00\",\"dateModified\":\"2026-04-17T18:07:50+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\\\/#breadcrumb\"},\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/nsfocusglobal.com\\\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\\\/#primaryimage\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2019\\\/08\\\/cover.jpg\",\"contentUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2019\\\/08\\\/cover.jpg\",\"width\":699,\"height\":413,\"caption\":\"Futuristic glowing circuit board with neon lights.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/nsfocusglobal.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"FusionAuth Remote Code Execution Vulnerability (CVE-2020-7799) Threat Alert\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#website\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/\",\"name\":\"NSFOCUS\",\"description\":\"Security Made Smart and Simple\",\"publisher\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"pt-BR\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#organization\",\"name\":\"NSFOCUS\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/logo-ns.png\",\"contentUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/logo-ns.png\",\"width\":248,\"height\":36,\"caption\":\"NSFOCUS\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/person\\\/fd9ab61c9c77a81bbd870f725cc0c61d\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\\\/\\\/nsfocusglobal.com\"],\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/author\\\/admin\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"FusionAuth Remote Code Execution Vulnerability (CVE-2020-7799) Threat Alert - NSFOCUS","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"pt_BR","og_type":"article","og_title":"FusionAuth Remote Code Execution Vulnerability (CVE-2020-7799) Threat Alert - NSFOCUS","og_description":"Vulnerability Description On January 28, 2019, Beijing time, NVD released a remote command execution vulnerability (CVE-2020-7799) in the Apache","og_url":"https:\/\/nsfocusglobal.com\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\/","og_site_name":"NSFOCUS","article_published_time":"2020-02-14T10:05:30+00:00","article_modified_time":"2026-04-17T18:07:50+00:00","og_image":[{"url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2019\/08\/cover.jpg","type":"","width":"","height":""}],"author":"admin","twitter_card":"summary_large_image","twitter_title":"FusionAuth Remote Code Execution Vulnerability (CVE-2020-7799) Threat Alert - NSFOCUS","twitter_description":"Vulnerability Description On January 28, 2019, Beijing time, NVD released a remote command execution vulnerability (CVE-2020-7799) in the Apache","twitter_image":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2019\/08\/cover.jpg","twitter_misc":{"Escrito por":"admin","Est. tempo de leitura":"5 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/nsfocusglobal.com\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\/#article","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\/"},"author":{"name":"admin","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/person\/fd9ab61c9c77a81bbd870f725cc0c61d"},"headline":"FusionAuth Remote Code Execution Vulnerability (CVE-2020-7799) Threat Alert","datePublished":"2020-02-14T10:05:30+00:00","dateModified":"2026-04-17T18:07:50+00:00","mainEntityOfPage":{"@id":"https:\/\/nsfocusglobal.com\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\/"},"wordCount":927,"commentCount":0,"publisher":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization"},"image":{"@id":"https:\/\/nsfocusglobal.com\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2019\/08\/cover.jpg","keywords":["FusionAuth"],"articleSection":["Emergency Response"],"inLanguage":"pt-BR","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/nsfocusglobal.com\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/nsfocusglobal.com\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\/","url":"https:\/\/nsfocusglobal.com\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\/","name":"FusionAuth Remote Code Execution Vulnerability (CVE-2020-7799) Threat Alert - NSFOCUS","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#website"},"primaryImageOfPage":{"@id":"https:\/\/nsfocusglobal.com\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\/#primaryimage"},"image":{"@id":"https:\/\/nsfocusglobal.com\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2019\/08\/cover.jpg","datePublished":"2020-02-14T10:05:30+00:00","dateModified":"2026-04-17T18:07:50+00:00","breadcrumb":{"@id":"https:\/\/nsfocusglobal.com\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\/#breadcrumb"},"inLanguage":"pt-BR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nsfocusglobal.com\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\/"]}]},{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\/#primaryimage","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2019\/08\/cover.jpg","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2019\/08\/cover.jpg","width":699,"height":413,"caption":"Futuristic glowing circuit board with neon lights."},{"@type":"BreadcrumbList","@id":"https:\/\/nsfocusglobal.com\/fusionauth-remote-code-execution-vulnerability-cve-2020-7799-threat-alert\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/nsfocusglobal.com\/"},{"@type":"ListItem","position":2,"name":"FusionAuth Remote Code Execution Vulnerability (CVE-2020-7799) Threat Alert"}]},{"@type":"WebSite","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#website","url":"https:\/\/nsfocusglobal.com\/pt-br\/","name":"NSFOCUS","description":"Security Made Smart and Simple","publisher":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/nsfocusglobal.com\/pt-br\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"pt-BR"},{"@type":"Organization","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization","name":"NSFOCUS","url":"https:\/\/nsfocusglobal.com\/pt-br\/","logo":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/logo\/image\/","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","width":248,"height":36,"caption":"NSFOCUS"},"image":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/person\/fd9ab61c9c77a81bbd870f725cc0c61d","name":"admin","image":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/nsfocusglobal.com"],"url":"https:\/\/nsfocusglobal.com\/pt-br\/author\/admin\/"}]}},"_links":{"self":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/10035","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/comments?post=10035"}],"version-history":[{"count":0,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/10035\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media\/9273"}],"wp:attachment":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media?parent=10035"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/categories?post=10035"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/tags?post=10035"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}