Log4J Remote Code Execution Detailed Analysis 2021
Log4J Remote Code Execution Detailed Analysis 2021
Log4Shell Remote Code Execution What is Log4Shell Remote Code Execution? A vulnerability called Log4Shell, which is used to run code remotely, has been detected on Log4j (>=2.0 <= 2.14.1), one of the most used Java-based logging systems.
The main reason for the Log4Shell vulnerability is the "lookups" Java method of Log4j, This method causes unauthorized code execution on the target system with the help of LDAP, a command defined by the threat actor.
Key findings include:
- This vulnerability is caused by incorrectly parsing logs from the Log4j libraries.
- To exploit the vulnerability, threat actors can place a JDNI (Java Naming and Directory Interface) payload in any header information of a simple HTTP GET request they send to Java-based applications.
- Log4j library detects incoming JNDI commands as queries and runs them.
Download Here
Watch the ThreatMon's Platform Intro
ThreatMon has a team of highly Threatmon's cutting-edge solution combines Threat Intelligence, External Attack Surface Management, and Digital Risk Protection to identify vulnerabilities and provide personalized security solutions for maximum security. ThreatMon identifies the distinctive nature of each business and provides bespoke solutions that cater to its specific needs.
- Identify the external assets of your business.
- Track and manage your organization's online reputation to maintain a positive image.
- Monitor social media platforms, deep/dark web activities, and rogue applications.
- Detect and mitigate digital risks such as source code leakage and account leakage.
Latest Reports
Start Your Free Trial Now!
The 30-day free trial of ThreatMon allows users to explore the product's security benefits. During this trial period, you can test Threat Intelligence data, detect threats to your organization and recommend security measures.
Start Free Trial