Beware, your logs - how blocked log4shell, Spring4Shell etc requests can still lead to compromise

We've had quite a flurry of look-alike vulnerabilities recently - log4shell, Spring4Shell, Apache Commons Configuration CVE-2022-33980 - all of which center around how various frameworks parse inpu...
Updated Dec 12, 2022
Version 2.0
security
twis
AaronJB's avatar
Ret. Employee
20+ years in IT as a software developer, network engineer, *nix admin, security engineer and scruffy-looking nerf herder. Current holder of SANS GCIH, GWAPT and GPEN certifications as well as F5-CS and CTS-ASM certifications.
View Profile
AaronJB's avatar
AaronJB
Ret. Employee
Dec 13, 2022

Absoultely - log4shell, at least, gives you complete remote code execution on the target vulnerable server (say a logging server sitting behind the BIG-IP), so you are free to drop webshells, malware, reverse shells, pivot to other hosts etc - being exposed is very bad indeed!