Beware, your logs - how blocked log4shell, Spring4Shell etc requests can still lead to compromise

We've had quite a flurry of look-alike vulnerabilities recently - log4shell, Spring4Shell, Apache Commons Configuration CVE-2022-33980 - all of which center around how various frameworks parse inpu...
Updated Dec 12, 2022
Version 2.0
F5 SIRT
security
series-F5SIRT-this-week-in-security
TWIS

Was this article helpful?

Holmes69's avatar
Holmes69
Icon for Nimbostratus rankNimbostratus
Dec 13, 2022

The exploitation of this vulnerability allows the attacker to install a webshell on the affected server leading to further command execution.