Alibaba Cloud Cloud Firewall has created a solution to address the remote code execution vulnerability in e-cology.
e-cology is a collaborative management software developed by Weaver.
On September 19, 2019, Alibaba Cloud emergency response center detected a remote code execution vulnerability in e-cology. Attackers can create specific HTTP requests to obtain operation permissions on the target server and then remotely execute commands without authorization.
Cause of the vulnerability: e-cology has a BeanShell component that allows unauthorized access. Attackers can call the BeanShell component API to execute commands on the target server.
Rule-based defense: Cloud Firewall has created a solution to address the vulnerability through basic rules.
Rule type: command execution
Risk level: high
- Contact Alibaba Cloud to obtain a security upgrade solution.
- Use the intrusion prevention feature of Cloud Firewall.