Apache Tika 1.15-1.17 Header Command Injection CVE-2018-1335 Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP,URL

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

15

Apache Tika 1.15-1.17 Header Command Injection CVE-2018-1335 Scanner Detail

There is a header command injection vulnerability in Apache Tika.

From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server. This vulnerability only affects those running tika-server on a server that is open to untrusted clients. The mitigation is to upgrade to Tika 1.18.

Some Advice for Common Problems

You should update to latest version.

Community Discussions

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service