Rewterz Threat Alert – Remcos RAT – Active IOCs
June 2, 2021Rewterz Threat Advisory – CVE-2021-22123 – Fortinet FortiWeb Command Execution
June 2, 2021Rewterz Threat Alert – Remcos RAT – Active IOCs
June 2, 2021Rewterz Threat Advisory – CVE-2021-22123 – Fortinet FortiWeb Command Execution
June 2, 2021Severity
High
Analysis Summary
CVE-2021-30180
Apache Dubbo could allow a remote attacker to execute arbitrary code on the system, caused by a condition route poisoning flaw. By using specially-crafted YAML rules, an attacker could exploit this vulnerability to call arbitrary constructors to execute arbitrary code on the system.
Impact
- Unauthorized Access
Affected Vendors
Apache
Affected Products
- Apache Dubbo 2.7.0
Remediation
Upgrade to the latest version of Apache Dubbo (2.7.10 or later), available from the Apache Web site.