EXPLOIT Apache Dubbo Routing Configuration Unsafe YAML Unmarshalling (CVE-2021-30180)

Rule ID

1139471

Severity

High

Description

An unauthenticated, remote attacker can exploit these vulnerability by enticing an Apache Dubbo Consumer or Producer to connect to a malicious Registry. Successful exploitation can result in the execution of arbitrary code under the security context of the Dubbo server.

Impact

Remote code execution

Recommendation

Update vendor's patch.

IPS Category

Web threats

IPS Anomaly Group

N/A

IPS Rule Default Action

Deny

Reference

CVE-2021-30180

Keyword

N/A

Created At

2021/07/15

Updated At

2021/07/15

This website uses cookies to ensure you get the best experience on our website.

Learn more