On December 9, 2021, the Log4j vulnerability was disclosed and had a huge impact. According to monitoring of NSFOCUS Threat Intelligence, hundreds of thousands of assets were affected by the vulnerability. A week after the vulnerability was disclosed, the NTI detected tens of thousands of malicious IP addresses using the...
Tag: ApacheLog4j
ApacheLog4j Remote Code Execution Vulnerability (CVE-2021-44228, CVE-2021-45046, CVE-2021-45105) Threat Alert updated on Dec 20 2021
Overview The update involves (CVE-2021-45046) and (CVE-2021-45105) vulnerability information, scope of influence, product rules, official version and workaround. On December 9 2021, NSFOCUS CRET has detected the disclosure of Apachelog4j Remote Code Execution Vulnerability (CVE-2021-44228). Due to the recursive parsing of some functions of apachelog4j2, unauthenticated attackers can execute arbitrary...
ApacheLog4j Remote Code Execution Vulnerability (CVE-2021-44228) Threat Alert
Overview On December 9 2021, NSFOCUS CRET has detected the disclosure of Apachelog4j Remote Code Execution Vulnerability (CVE-2021-44228). Due to the recursive parsing of some functions of apachelog4j2, unauthenticated attackers can execute arbitrary code on target servers by sending a specially constructed data request packet. The vulnerability PoC has been...
