FullHunt released an update to Log4J-Scan to detect Apache Commons Text RCE (CVE-2022-42889).

Detecting Apache Commons Text RCE (CVE-2022-42889)

The Apache Commons Text RCE (CVE-2022-42889) is a critical vulnerability that is highly similar to Log4J RCE. Successful exploitation of this vulnerability allows full remote code execution on affected services. The vulnerability has been ranked a CVSS score of 9.8/10.

We have tested the vulnerability in our local lab and confirmed the potential severity of this vulnerability.

FullHunt released an update to identify Apache Commons Text RCE (CVE-2022-42889). We recommend patching it as soon as possible. If help is needed in scanning and discovering this vulnerability on your infrastructure, please get in touch at ([email protected]).

Demo

log4j-scan Project: github.com/fullhunt/log4j-scan


Are you an enterprise that is looking for help with scanning for Apache Commons Text RCE (CVE-2022-42889), discovering all the external internet-facing assets, network services, applications, services, and endpoints? Please request a FullHunt Enterprise trial and we will be happy to solve your challenges.

Discover unknown assets today and protect your organization

Best regards,
Mazin Ahmed
The FullHunt Team