Threat Advisories

Text2Shell: Vulnerability like Log4Shell in Apache Common Texts

October 20, 2022

Threat Level

Red

Vulnerability Report

For a detailed threat advisory, download the pdf file here

Summary

A new vulnerability in Apache Commons Text has been named text2shell. The vulnerability allows unauthenticated attackers to remotely execute code on servers running affected applications. Due to the availability of the proof-of-concept, APT groups would be eager on exploiting it.

Threat exposure management: the answer to 21st century cyber-security challenges

The Spyder Loader malware targets organizations in Hong Kong