Apache Log4j2 contains a deserialization of untrusted data vulnerability due to the incomplete fix of CVE-2021-44228, where the Thread Context Lookup Pattern is vulnerable to remote code execution in certain non-default configurations.
PoC: log4j2_vul_local_scanner
Log4j 漏洞本地检测脚本。 Scan all java processes on your host to check whether it's affected by log4j2 remote code execution vulnerability (CVE-2021-45046)
PoC: Log4j_CVE-2021-45046
Log4j 2.15.0 Privilege Escalation -- CVE-2021-45046
PoC: log4j-samples
Samples of log4j library versions to help log4j scanners / detectors improve their accuracy for detecting CVE-2021-45046 and CVE-2021-44228.
PoC: CVE-2021-45046-Info
Oh no another one
PoC: Log4Shell-Payloads
Log4Shell / Log4J Payload - CVE-2021-45046 and CVE-2022-42889
PoC: Log4J-Scan-Win
Windows Server Log4j Scanner - Powershell - CVE-2021-45046 and CVE-2021-44228
PoC: log4j-poc
Explanation of CVE-2021-45046 for classroom use
PoC: Log4Shell-Sandbox-Signature
Log4Shell(CVE-2021-45046) Sandbox Signature
PoC: log4jjndilookupremove
A simple script to remove Log4J JndiLookup.class from jars in a given directory, to temporarily protect from CVE-2021-45046 and CVE-2021-44228.
PoC: CVE-2021-45046
Replicating CVE-2021-45046
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.
Start monitoring free