November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Alert – Remcos RAT – Active IOCs
June 30, 2022Rewterz Threat Alert – AveMaria RAT – Active IOCs
June 30, 2022Rewterz Threat Alert – Remcos RAT – Active IOCs
June 30, 2022Rewterz Threat Alert – AveMaria RAT – Active IOCs
June 30, 2022
Severity
High
Analysis Summary
CVE-2022-32532
Apache Shiro could allow a remote attacker to bypass security restrictions, caused by a flaw in the RegexRequestMatcher configuration. By using RegExPatternMatcher with “.” in the regular expression, an attacker could exploit this vulnerability to bypass access restrictions.
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2022-32532
Affected Vendors
- Apache
Affected Products
- Apache Shiro 1.9.0
Remediation
Upgrade to the latest version of Apache Shiro, available from the Apache Web site.