Share
## https://sploitus.com/exploit?id=DB1BA420-6D40-57A9-9362-17519A1F1604
PoC exploit for CVE-2021-44228, a Java logging library vulnerability. The target product/service is Apache Log4j, a Java logging library. The vulnerability class/vector is RCE (Remote Code Execution) via JNDI (Java Naming and Directory Interface) lookup. The probable entry points are JNDI lookups within log messages, and the notable dependency/tooling is the jndi package. The execution context is logging messages, and the run method is invoked by calling the logger's Printf function. Preconditions include a vulnerable version of Log4j, and the expected impact is RCE. Observable network artifacts include JNDI lookup requests to remote servers.