Logfile Vulnerability Log4Shell for RCE

Daniel
4 min readDec 12, 2021
Source: security-flashcards.com

This article briefly describes a critical zero-day vulnerability called Log4Shell that existed in the widely used Java logging library Log4j used by millions of Java applications reachable from the Internet. The vulnerability can be exploited by even unskilled attackers and results in a remote code execution (RCE) when Log4j is used to write user controlled data into a log file.

--

--