RCE 0-day exploit found in log4j, a popular Java logging packa | PT SWARM

RCE 0-day exploit found in log4j, a popular Java logging package

by Free Wortley, Chris Thompson

0-day exploit in the popular Java logging library log4j was discovered that results in Remote Code Execution (RCE) by logging a certain string. This post provides resources to understand the vulnerability and how to mitigate it.

Contents:
• Who is impacted?
• Affected Apache log4j Versions
• Temporary Mitigations
• How the exploit works
• Exploit Requirements
• Example Vulnerable Code
• Exploit Steps
• How you can prevent future attacks

https://www.lunasec.io/docs/blog/log4j-zero-day/

PT SWARM

👪 2.98K
Technologies

Positive Technologies Offensive Team: twitter.com/ptswarm. This is the channel where we share articles/vulnerabilities/scripts/etc, not necessarily authored by us, that we find interesting...

Join
▲ Vote (1)

RCE 0-day exploit found in log4j, a popular Java logging packa | PT SWARM

Login