Overview Recently, NSFOCUS CERT found that Apache has issued an official security notice to fix multiple Apache HTTP Server vulnerabilities. Affected users should take protective measures as soon as possible. Apache HTTP Server Request Smuggling Vulnerability (CVE-2023-25690): When mod_proxy is enabled with some form of RewriteRule or ProxyPassMatch,...
Tag: Apache
Apache Airflow Remote Code Execution Vulnerability (CVE-2022-40127)
Overview On November 21, NSFOCUS CERT discovered on the Internet a PoC for a remote code execution vulnerability (CVE-2022-40127) in Apache Airflow. Due to a flaw in the Example DAGs shipped with Apache Airflow, an attacker with UI access rights can use this vulnerability to trigger DAGs, and then by manually providing the...
Apache Log4j Deserialization and SQL Injection Vulnerability (CVE-2022-23302/CVE-2022-23305/CVE-2022-23307) Alert
Overview On January 19, NSFOCUS CERT detected that Apache released a security bulletin disclosing three Log4j vulnerabilities, all of which affect the Apache Log4j 1.x branch, for which official support and maintenance are no longer available. Affected users should take protective measures as soon as possible. Apache...
Apache Solr ConfigSet API Upload Function Vulnerability (CVE-2020-13957) Threat Alert
Overview Recently, Apache Solr fixed a vulnerability (CVE-2020-13957) in the Configsets API upload function. Attackers could perform unauthorized operations by using a combination of UPLOAD/CREATE actions, which might eventually lead to command execution. Apache Solr is an enterprise search server that is based on Lucene.
Apache DolphinScheduler High-Risk Vulnerabilities (CVE-2020-11974, CVE-2020-13922) Threat Alert
1. Vulnerability Description On September 11, 2020, NSFOCUS detected that the Apache Software Foundation released security advisories fixing an Apache DolphinScheduler permission overwrite vulnerability (CVE-2020-13922) and an Apache DolphinScheduler remote code execution vulnerability (CVE-2020-11974). CVE-2020-11974 is related to a MySQL Connector/J remote code execution vulnerability. When MySQL is chosen as the database, an attacker could...
Apache Dubbo Remote Code Execution Vulnerability (CVE-2020-1948) Patch Bypass Threat Alert
Overview On June 23, NSFOCUS reported that Apache Dubbo contained a remote code execution vulnerability (CVE-2020-1948) resulting from deserialization. Apache Dubbo is a high-performance Java RPC framework. The vulnerability exists in Hessian, a default deserialization tool used by Apache Dubbo. An attacker may exploit it by sending malicious RPC requests...