Intrusion Prevention



This indicates an attack attempt against an Insecure Desrialization vulnerability in Apache Commons Collections library.
The vulnerability is caused by deseralization of untrusted data due to a vulnerable version of Apache-Commons-FileUpload library in the software. An unauthenticated remote attacker is able to send a crafted serialized object to the target system and upload an arbitrary file.

Affected Products

Apache Commons FileUpload before 1.3.3


System Compromise: Remote attackers can gain control of vulnerable systems.