Vulnerability feed

Vulnerability

CVE-2019-17571

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2019-17571
Description:: Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17.
Last updated date:: 12/14/2022

Type:: exploit
Confidence:: HIGH
Date of publishing:: 12/25/2019
Reference url to background: https://github.com/shadow-horse/CVE-2019-17571

Type:: exploit
Confidence:: HIGH
Date of publishing:: 07/16/2020
Reference url to background: https://github.com/Al1ex/CVE-2019-17571

Type:: exploit
Confidence:: HIGH
Date of publishing:: 12/14/2021
Reference url to background: https://github.com/HynekPetrak/log4shell-finder

Vulnerability Feed Contributors About Blog

@inTheWild

©2025 |