Rewterz Threat Alert – GuLoader Malspam Campaign – Active IOCs
September 29, 2021Rewterz Threat Advisory – CVE-2021-34947 – NETGEAR R7800 Vulnerability
September 30, 2021Rewterz Threat Alert – GuLoader Malspam Campaign – Active IOCs
September 29, 2021Rewterz Threat Advisory – CVE-2021-34947 – NETGEAR R7800 Vulnerability
September 30, 2021Severity
High
Analysis Summary
CVE-2021-41616
Apache DdlUtils could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw in the ObjectInputStream.readObject in the BinaryObjectsHelper class. By sending specially crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Affected Vendors
Apache
Affected Products
- Apache DdlUtils 1.0
Remediation
Upgrade to the latest version of DdlUtils, available from the Apache Web site.