CVE-2013-7285 Scanner
Detects the 'Remote Code Execution (RCE)' vulnerability in XStream, affecting versions up to and including 1.4.6 and also version 1.4.10.
Short Info
Level: Critical
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 1 month
Scan only one: Domain, IPv4
Toolbox: -
XStream is an open-source Java library for serializing objects to and from XML and other supported formats. It is widely used in software development to simplify the process of converting objects into a serialized representation that can be stored or transmitted over a network. XStream is designed to be easy to use and highly customizable, making it a popular choice among developers for a wide range of applications.
CVE-2013-7285 is a remote code execution vulnerability in the XStream library affecting all versions up to and including 1.4.6, and also version 1.4.10 when the security framework has not been initialized. XStream's unmarshaller instantiates whatever class the input document names, so an attacker who controls the XML (or JSON, or any other supported format) being unmarshalled can make it construct classes the application never intended. The published exploit (see the references) abuses XStream's DynamicProxyConverter: a `dynamic-proxy` element whose InvocationHandler is a java.beans.EventHandler wrapping a java.lang.ProcessBuilder, so that a method call on the resulting proxy starts an arbitrary command with the privileges of the JVM. Version 1.4.7 introduced XStream's security framework, which lets an application restrict the types that may be unmarshalled, but that restriction had to be configured explicitly by the application; from 1.4.18 onward a type whitelist is enforced by default. In practice, any endpoint that feeds untrusted input to an unrestricted XStream instance hands the attacker code execution on the host, and with it access to whatever data and systems the application can reach.
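The following Java program is an added example, not code from the page or from the XStream project, contrasting an unrestricted XStream instance with one that uses the security framework (available from 1.4.7) to whitelist the single application type an endpoint expects. The `Contact` class and both documents are constructed for the example; the malicious document follows the shape of the published CVE-2013-7285 payload referenced below, with a harmless `echo` in place of a real command, and it is never unmarshalled without the whitelist.

```java
import com.thoughtworks.xstream.XStream;
import com.thoughtworks.xstream.XStreamException;
import com.thoughtworks.xstream.security.NoTypePermission;
import com.thoughtworks.xstream.security.NullPermission;
import com.thoughtworks.xstream.security.PrimitiveTypePermission;

public class XStreamUnmarshalCheck {

    // Hypothetical application type: the only root object this endpoint should accept.
    public static class Contact {
        public String name;
        public String email;
    }

    // Constructed benign input of the kind the endpoint is designed to process.
    static final String BENIGN =
        "<contact>\n" +
        "  <name>Ada</name>\n" +
        "  <email>ada@example.org</email>\n" +
        "</contact>";

    // Shape of the published CVE-2013-7285 payload (see the references). XStream's
    // DynamicProxyConverter builds a java.lang.reflect.Proxy whose InvocationHandler is a
    // java.beans.EventHandler pointing at a java.lang.ProcessBuilder; invoking the proxied
    // interface method (here Runnable.run()) calls ProcessBuilder.start(). The command is a
    // harmless 'echo' because this example never unmarshals it without a whitelist.
    static final String MALICIOUS =
        "<contact class='dynamic-proxy'>\n" +
        "  <interface>java.lang.Runnable</interface>\n" +
        "  <handler class='java.beans.EventHandler'>\n" +
        "    <target class='java.lang.ProcessBuilder'>\n" +
        "      <command>\n" +
        "        <string>echo</string>\n" +
        "        <string>pwned</string>\n" +
        "      </command>\n" +
        "    </target>\n" +
        "    <action>start</action>\n" +
        "  </handler>\n" +
        "</contact>";

    // Vulnerable configuration: before XStream 1.4.18, new XStream() with no security
    // setup unmarshals any class the document names, including the proxy above.
    static XStream unrestricted() {
        XStream xs = new XStream();
        xs.alias("contact", Contact.class);
        return xs;
    }

    // Hardened configuration (security framework, XStream 1.4.7+): deny every type,
    // then allow only null, primitives, and the exact classes this endpoint needs.
    static XStream whitelisted() {
        XStream xs = new XStream();
        xs.addPermission(NoTypePermission.NONE);
        xs.addPermission(NullPermission.NULL);
        xs.addPermission(PrimitiveTypePermission.PRIMITIVES);
        xs.allowTypes(new Class[] { String.class, Contact.class });
        xs.alias("contact", Contact.class);
        return xs;
    }

    // True if the whitelisted parser produced a Contact, false if the security framework
    // rejected a type in the document. ForbiddenClassException is an XStreamException and
    // may arrive wrapped in a ConversionException for nested elements, so catch the base type.
    static boolean acceptedByWhitelist(String xml) {
        try {
            Object o = whitelisted().fromXML(xml);
            return o instanceof Contact;
        } catch (XStreamException e) {
            return false;
        }
    }

    public static void main(String[] args) {
        System.out.println("benign accepted:    " + acceptedByWhitelist(BENIGN));
        System.out.println("malicious accepted: " + acceptedByWhitelist(MALICIOUS));
        // Deliberately not executed: on an affected version, unrestricted().fromXML(MALICIOUS)
        // returns a live proxy, and ((Runnable) proxy).run() would start the process.
    }
}
```

The first call returns true and the second false. Two caveats for a practitioner: on versions up to 1.4.6 the `addPermission`/`allowTypes` API does not exist, so the only fix is to upgrade; on 1.4.10 through 1.4.17 the vendor advisory additionally recommends calling `XStream.setupDefaultSecurity(xs)` before adding the application's own `allowTypes` entries, which is the same deny-then-allow pattern shown above. When auditing, find every `fromXML`/`unmarshal` call reachable from attacker-controlled input and confirm the instance it uses was configured this way.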
Successful exploitation gives the attacker code execution as the user running the JVM, which can lead to theft or destruction of data, loss of control over the affected system, and the use of that system as a foothold for further attacks against other hosts and networks, with the resulting loss of revenue and reputational damage.
With the pro features of the s4e.io platform, readers of this article can quickly check their own digital assets for this and other vulnerabilities. s4e.io provides a suite of tools and resources to help organizations identify, manage, and mitigate security risks, from vulnerability scanning and penetration testing to risk assessment and compliance management, so that they are prepared to respond to security threats and incidents.
REFERENCES
- seclists.org: [oss-security] 20140109 Re: CVE request: remote code execution via deserialization in XStream
- mail-archive.com: [xstream-user] 20130717 Re: Is it possible to unregister the DynamicProxyConverter using the SpringOXM wrapper
- mail-archive.com: [xstream-user] 20130718 Re: Is it possible to unregister the DynamicProxyConverter using the SpringOXM wrapper
- lists.apache.org: [activemq-issues] 20190718 [jira] [Updated] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework) and xstream-1.4.10.jar
- lists.apache.org: [activemq-issues] 20190826 [jira] [Created] (AMQ-7288) Security Vulnerabilities in ActiveMQ dependent libraries.
- http://blog.diniscruz.com/2013/12/xstream-remote-code-execution-exploit.html
- https://x-stream.github.io/CVE-2013-7285.html
- https://www.oracle.com/security-alerts/cpuoct2020.html
- http://web.archive.org/web/20140204133306/http://blog.diniscruz.com/2013/12/xstream-remote-code-execution-exploit.html