|
|
|||
| Rule General Information |
|---|
| Release Date: | 2022-08-03 | |
| Rule Name: | Java Code Injection Detection - Injection Character 1 | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Code injection vulnerabilities are caused by the application's lax filtering of user input. Attackers can inject code into the server running the application and remotely execute the injected code. This rule is used to detect suspicious Java code injection characters in HTTP requests. | |
| Impact: | Through Java code injection attacks, an attacker can inject code into the server where the application is running and execute the injected code remotely. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| 1. Filter and escape the data entered by users to ensure that the input does not contain malicious Java code. 2. use safe apis and functions to execute code, avoid directly splicing user input content as code execution. 3. Conduct regular security audits and tests to find potential code injection vulnerabilities and fix them in time. |