Dissecting the Spring4Shell vulnerability. [Research Saturday]

Edward Wu, senior principal data scientist at ExtraHop, joins Dave to discuss the company's research, "A Technical Analysis of How Spring4Shell Works." ExtraHop first noticed chatter from social media in March of 2022 on a new remote code execution (RCE) vulnerability and immediately started tracking the issue.
In the research, it describes how the exploit works and breaks down how the ExtraHop team came to identify the Spring4Shell vulnerability. The research describes the severity of the vulnerability, saying, "The impact …

analysis code code execution data data scientist dave discuss extrahop issue march media rce remote code remote code execution research social social media spring4shell spring4shell vulnerability technical technical analysis the company tracking vulnerability