Connect with us

Hi, what are you looking for?

Hard News Hard Hitting News Source Global Political News

Cyber Security

Critical security vulnerability in Grails could lead to remote code execution

Researchers from AntGroup FG Security Lab have discovered a critical security vulnerability allowing an attacker to remotely execute code within a Grails application runtime.

Grails is an open source web application framework based on the Apache Groovy programming language and is used for developing agile web applications. Customers include Google, IBM, Walmart, Credit Suisse, and Mastercard.

The flaw, tracked using CVE-2022-35912, allows an attacker to remotely execute code within a Grails application runtime by issuing a specially crafted web request that grants the attacker access to the class loader.

The attack exploits a section of the Grails data-binding logic, which is invoked in a number of ways including the creation of command objects, domain class construction, and manual data binding when using bindData.

The vulnerability has been confirmed on Grails framework versions 3.3.10 and higher, including Grails framework 4 and 5, that are running on Java 8. It has been observed in both the embedded Tomcat runtime and applications deployed as a Web Archive (WAR) to a Tomcat instance.

“Due to the nature of this vulnerability, we strongly suggest that all Grails applications, including those that are not vulnerable to this specific attack, be updated to a patched Grails release,” the Grails team noted in a blog post.

“While we have not been able to reproduce this specific exploit on applications running in Java 11 or in versions of the Grails framework before 3.3.10, the nature of the vulnerability is such that variations on the attack could be discovered that earlier Grails releases, and Grails applications running on higher versions of Java will be impacted.”

Patches available

Versions 5.2.1, 5.1.9, 4.1.1, and 3.3.15 have now been patched, and the team recommends upgrading to a patched version. Grails 4.x applications can be upgraded to version 4.1.1 or higher, Grails 5.0.x and 5.1.x applications can be upgraded to 5.1.9 or higher, and Grails 5.2 applications can be upgraded to 5.2.1 or higher.

“The Grails Foundation and the Grails core development team take application security very seriously,” wrote the team. “We are continuing to research and monitor this vulnerability.”

Source: https://portswigger.net/daily-swig/critical-security-vulnerability-in-grails-could-lead-to-remote-code-execution

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Cyber Security

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given federal agencies three weeks to secure Adobe ColdFusion servers on their networks against two...

Cyber Security

Businesses and developers are focusing more on the security of applications in their digital environment as cyber threats and data breaches continue escalating. The...

Cyber Security

HCL BigFix is an endpoint management platform that has the capability to automate discovery, management, and remediation. It can find and fix vulnerabilities on...

Cyber Security

The Environmental Protection Agency cited a lack of resources and the sheer volume of critical vulnerabilities as the reasons for its inability to patch...

Copyright © 2023 Hard News Herd Hitting in Your Face News Source | World News | Breaking News | US News | Political News Website by Top Search SEO