Hackers use Spring4Shell exploit for remote code execution

SECURITY INSIGHTS | 5 April 2022

Attackers are using the Spring4Shell vulnerability to compromise web servers with malicious code, and the exploit is already in active use for such attacks. Myra is providing its customers with a new rule set for the Hyperscale WAF that proactively mitigates the threat, giving vulnerable companies valuable time to test and roll out the available patches and workarounds.

IT security experts face a new challenge in Spring4Shell. The recently leaked exploit for a vulnerability in the Spring Core Java framework allows attackers to execute malicious code remotely via a webshell. The new Java vulnerability has been named Spring4Shell in reference to the critical Log4Shell vulnerability in the Java logging library Log4j.

As far as is currently known, all Spring releases from version 4.3 up to and including the current version 5.3.15 are affected, in each case in combination with JDK version 9 or higher. Combinations with older JDK versions are not believed to be vulnerable. A security patch and several workarounds are now available, but they have not yet been extensively tested. Cybercriminals are already actively exploiting Spring4Shell, and the full reach of the exploit cannot yet be conclusively determined.
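To turn the version range described above into a repeatable inventory check, the following script is an added example; it is not Myra's code and not part of the original article. It encodes the bounds exactly as this article states them (Spring 4.3 through 5.3.15, combined with JDK 9 or later) and keeps them as data so they can be corrected from the Spring advisory as the picture firms up. The pom.xml fragment and the host inventory are constructed samples, the host names are hypothetical, and the `triage` helper is this example's own; an unparsable version (for instance a Maven property reference) is reported as unknown rather than silently treated as safe.

```python
import re
import xml.etree.ElementTree as ET
from typing import Iterable, Optional, Tuple

# Affected range as stated in the article (assumption: both ends inclusive).
# Kept as data so it can be corrected from the vendor advisory.
AFFECTED_MIN = (4, 3, 0)
AFFECTED_MAX = (5, 3, 15)
JDK_MIN_MAJOR = 9

_SPRING_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?")
_JDK_RE = re.compile(r"^(\d+)(?:\.(\d+))?")


def parse_spring_version(text: Optional[str]) -> Optional[Tuple[int, int, int]]:
    """'5.3.15', '5.3.15.RELEASE', '4.3' -> (major, minor, patch); None if unparsable."""
    if not text:
        return None
    m = _SPRING_RE.match(text.strip())
    if not m:
        return None
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)


def parse_jdk_major(text: Optional[str]) -> Optional[int]:
    """'1.8.0_292' -> 8 (legacy 1.x scheme), '11.0.14' -> 11, '17' -> 17."""
    if not text:
        return None
    m = _JDK_RE.match(text.strip())
    if not m:
        return None
    major = int(m.group(1))
    if major == 1 and m.group(2) is not None:
        return int(m.group(2))
    return major


def is_affected(spring_version: Optional[str], jdk_version: Optional[str]) -> Optional[bool]:
    """True inside the stated range, False outside it, None when a version is
    unknown (flagged for manual triage instead of being treated as safe)."""
    sv = parse_spring_version(spring_version)
    jdk = parse_jdk_major(jdk_version)
    if sv is None or jdk is None:
        return None
    return AFFECTED_MIN <= sv <= AFFECTED_MAX and jdk >= JDK_MIN_MAJOR


_POM_NS = {"m": "http://maven.apache.org/POM/4.0.0"}

# Constructed pom.xml fragment used as sample input.
SAMPLE_POM = """<project xmlns="http://maven.apache.org/POM/4.0.0">
  <dependencies>
    <dependency>
      <groupId>org.springframework</groupId>
      <artifactId>spring-core</artifactId>
      <version>5.3.15</version>
    </dependency>
  </dependencies>
</project>"""


def spring_core_version_from_pom(pom_xml: str) -> Optional[str]:
    """Declared spring-core <version> from a pom.xml string, or None.
    A property reference such as '${spring.version}' is returned as-is and a
    version inherited from a parent POM yields None; is_affected() reports
    both as unknown."""
    root = ET.fromstring(pom_xml)
    for dep in root.iterfind(".//m:dependency", _POM_NS):
        gid = dep.findtext("m:groupId", default="", namespaces=_POM_NS)
        aid = dep.findtext("m:artifactId", default="", namespaces=_POM_NS)
        if gid == "org.springframework" and aid == "spring-core":
            return dep.findtext("m:version", default=None, namespaces=_POM_NS)
    return None


def triage(inventory: Iterable[Tuple[str, Optional[str], Optional[str]]]) -> dict:
    """Map each (host, spring_version, jdk_version) record to a verdict string."""
    labels = {True: "affected", False: "not affected", None: "unknown"}
    return {host: labels[is_affected(spring, jdk)] for host, spring, jdk in inventory}


if __name__ == "__main__":
    # Constructed sample inventory; host names are hypothetical.
    sample = [
        ("app-01", spring_core_version_from_pom(SAMPLE_POM), "11.0.14"),
        ("app-02", "5.3.15.RELEASE", "1.8.0_292"),  # JDK 8: outside the stated range
        ("app-03", "4.2.9.RELEASE", "17"),          # Spring below 4.3: outside
        ("app-04", "${spring.version}", "17"),      # unresolved property: check by hand
    ]
    for host, verdict in triage(sample).items():
        print(f"{host}: {verdict}")
```

The three-valued result is deliberate: in a real inventory the version strings that fail to parse (properties, BOM-managed versions, shaded jars) are exactly the hosts most likely to be overlooked, so they should surface as work items rather than disappear into the "not affected" column.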

Spring4Shell: proactive protection with the Myra Hyperscale WAF

Until the first security updates and workarounds for Spring4Shell have been implemented, companies can protect themselves against attacks with the Myra Hyperscale WAF and a rule set developed specifically for this threat. This mitigation gives companies valuable time to identify vulnerable systems and thoroughly test the available updates before rolling them out.
