Text4Shell Validation Text4Shell Validation-mask

Text4Shell–Validate Detection and Protection now with Cymulate

By: Dave Klein,
Created: October 21, 2022
Updated: February 12, 2023

Maintained by the Apache Software Foundation (ASF), Apache is by far the most common web server run in the world. Doing a quick Shodan lookup as of this article’s publish date finds over 25 million Internet-reachable instances globally. Thus, the discovery of a remote code executable capable vulnerability this week in its Apache Common text library in its default configuration and dubbed Text4Shell should be taken seriously.

The vulnerability discovered by cybersecurity researcher Alvaro Munoz was discussed in his blog post and tracked as CVE-2022-42889 with a CVSS score of 9.8 out of 10. It affects versions 1.5 through 1.9 of the Apache Common text libraries with only the latest 1.10 not having the issue. The issue can be found within its variable interpolation capabilities, specifically within its “script”, “DNS” and “URL” functionality. Apache has not provided a workaround for the affected variants but has recommended upgrading Apache Common text libraries to the latest 1.10.

For instructions on using the test we created please see our Cymulate Community Post

Let Cymulate help!
We have created an Advanced Scenario that allows our customers to discover their existing Apache instances and test to see if they are in fact vulnerable to Text4Shell. If you are not a customer, Cymulate security validation experts will guide you so you can test as well.

 

Dave Klein
Dave Klein is the Director of Cyber Evangelism for Cymulate. With more than 21 years of real-world cybersecurity experience, he works with Cymulate teams, customers and industry thought leaders to address the challenges of securing modern enterprise environments. Dave’s long career includes working on the NIST response to President Obama’s Policy Directive 21 on Critical Infrastructure Security and Resilience, leading some of the largest sales engagements for US Federal security solutions, and working with the City of New York post 9/11, helping shore up cyber defenses.