Supports Detecting the Deserialization Remote Code Execution Vulnerability in Fastjson
Sep 20 2019
Content
Target customers: users who use Fastjson versions prior to 1.2.61. Features released: recently, Fastjson released on its official GitHub repository page a deserialization remote code execution vulnerability. Attackers can exploit the latest gadgets to remotely execute commands on the server and gain control of the server. This vulnerability has been fixed in the newly released Fastjson version 1.2.61. We recommend that Fastjson users upgrade to the latest version and scan for this vulnerability as soon as possible.