Shulou(Shulou.com)06/01 Report--

This article introduces the Apache FreeMarker template FusionAuth remote code execution vulnerability analysis, the content is very detailed, interested friends can refer to, hope to be helpful to you.

0x00 vulnerability background

On February 4, 2020, 360CERT detected that NVD issued a CVE-2020-7799 vulnerability warning with a high vulnerability level.

A problem was found in FusionAuth prior to version 1.11.0. Authenticated users are allowed to edit email templates (home page-> settings-> email template) or subject (home page-> settings-> subject) and execute arbitrary commands using freemarker.template.utility.Execute

360CERT judges that the vulnerability level is high and the hazard / impact area is large. It is recommended that users using FusionAuth install the latest patches in time to avoid hacker attacks.

0x01 vulnerability details

The Apache FusionAuth component leverages the Apache FreeMarker template engine, which allows authenticated users to edit email templates and to execute arbitrary commands using freemarker.template.utility.Execute when editing templates.

0x02 affects version

Apache FusionAuth:

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.