Apache dubbo (CVE-2020-1948) 反序列化远程代码执行漏洞及其补丁绕过深度分析 | 天融信阿尔法实验室
Tags
| attack-pattern: | Server - T1583.004 Server - T1584.004 |
Common Information
| Type | Value |
|---|---|
| UUID | d01feca3-1790-4f78-a422-ddd524091550 |
| Fingerprint | 2ad6c771ab406f71 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Feb. 1, 2024, midnight |
| Added to db | Jan. 18, 2023, 7:40 p.m. |
| Last updated | Nov. 17, 2024, 11:40 p.m. |
| Headline | Apache dubbo (CVE-2020-1948) 反序列化远程代码执行漏洞及其补丁绕过深度分析 |
| Title | Apache dubbo (CVE-2020-1948) 反序列化远程代码执行漏洞及其补丁绕过深度分析 | 天融信阿尔法实验室 |
| Detected Hints/Tags/Attributes | 8/1/11 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | http://blog.topsec.com.cn/apache-dubbo-cve-2020-1948- |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 1 | cve-2020-1948 |
|
| Details | Domain | 1 | zookeeper.apache.org |
|
| Details | Domain | 4128 | github.com |
|
| Details | File | 3 | releases.html |
|
| Details | File | 3 | zoo.cfg |
|
| Details | File | 4 | 0-snapshot.jar |
|
| Details | File | 1 | 所以provider的pom.xml |
|
| Details | Github username | 40 | apache |
|
| Details | IPv4 | 1441 | 127.0.0.1 |
|
| Details | Url | 1 | https://zookeeper.apache.org/releases.html |
|
| Details | Url | 1 | https://github.com/apache/dubbo-admin |