Tag :
Cyber Security

 

Description

Apache Dubbo Introduction

Apache Dubbo is an open high-performance, light weight, Java based RPC framework. Dubbo offers three key functionalities, including interface based remote call, fault tolerance and load balancing, and automatic service registration and discovery. Its features mainly consist of the following: It adopts layered architecture to decouple all the layers, and provides service with two roles, provider and consumer.

Summary

The Apache Dubbo Provider has a deserialization vulnerability. An attacker can send an unrecognized service name or method name through an RPC request, along with some crafted data containing malicious parameters. When the malicious parameters are deserialized, it will cause remote code execution.

Vulnerability Reproduction
We build the environment of Apache Dubbo and import the project dubbo-spring-boot-project to idea, then initialize.

The figures below show malicious data is transmitted to server and executed arbitrary commands on the target server.

 
Impacts
Affected Apache Dubbo versions:
Apache Log4j 2.7.0 - 2.7.6
Apache Dubbo 2.6.0 - 2.6.7
Apache Dubbo 2.5.x

Timeline
June 23, 2020 Apache Dubbo released this vulnerability.
June 24, 2020 Sangfor FarSight Labs analyzed the vulnerability then released alerts and solutions.

Solution

Remediation Solution
1. Apache Dubbo has fixed this vulnerability. Please visit the following link to download the latest version.

Download address: https://github.com/apache/dubbo/tree/master

Sangfor Solution
For Sangfor NGAF customers, keep NGAF security protection rules up to date.

Sangfor Cloud WAF has automatically updated its database in the cloud. Those users are already protected from this vulnerability without needing to perform any additional operations.

Sangfor Cyber Command is capable of detecting attacks which exploit this vulnerability and can alert users in real time. Users can correlate Cyber Command to Sangfor NGAF to block an attacker's IP address.

Sangfor SOC makes sure that Sangfor security specialists are available 24/7 to you for any security issue. Sangfor security experts scan the customer's network environment in the first place to ensure that the customer's host is free from this vulnerability. For users with vulnerabilities, we reviewed and updated device policies to ensure protection capability against this vulnerability.

Listen To This Post

Search

Keyword maximum 256 character

Get in Touch

Get in Touch with Sangfor Team for Business Inquiry

Name
Email Address
Business Phone Number
Tell us about your project requirements

Related Articles

Cyber Security

Singapore Faces Surge in Cryptocurrency Investment Scams: Authorities Urge Vigilance

Date : 07 May 2025
Read Now
Cyber Security

WooCommerce Users Targeted by Fake Patch Phishing Emails

Date : 29 Apr 2025
Read Now
Cyber Security

Vietnam CMC Group Ransomware Attack: Anatomy of an Asian Cyber Shock

Date : 17 Apr 2025
Read Now

See Other Product

Sangfor Omni-Command
Replace your Enterprise NGAV with Sangfor Endpoint Secure
SASE ROI Calculator - Assess Sangfor SASE’s Total Economic Impact
Cyber Command - NDR Platform
Endpoint Secure
Internet Access Gateway (IAG)

Meet the Author

Sangfor HQ Building

Sangfor Technologies

Sangfor Technologies is a leading vendor of Cyber Security and Cloud Computing solutions. The majority of the blogs that you are seeing here are written by professionals working at Sangfor. We have a team of content writers, product managers and marketing experts who are taking care of writing articles on various topics that are relevant to our audience. Our team ensures that the articles published are factually correct and helpful to our customers and partners to know more about the recent trends on Cyber Security and Cloud, and how it can help their organizations.

  • facebook
  • twitter
  • linkedin
  • youtube
  • instagram
See Author's Detail