Alibaba Cloud Cloud Firewall has created a solution to address the remote code execution vulnerability in e-cology.

e-cology is a collaborative management software developed by Weaver.

On September 19, 2019, Alibaba Cloud emergency response center detected a remote code execution vulnerability in e-cology. Attackers can create specific HTTP requests to obtain operation permissions on the target server and then remotely execute commands without authorization.

Cause of the vulnerability: e-cology has a BeanShell component that allows unauthorized access. Attackers can call the BeanShell component API to execute commands on the target server.

Rule-based defense: Cloud Firewall has created a solution to address the vulnerability through basic rules.

Rule type: command execution

Risk level: high

Security suggestions:
  • Contact Alibaba Cloud to obtain a security upgrade solution.
  • Use the intrusion prevention feature of Cloud Firewall.