On October 31, 2019, a security researcher released an exploit for Apache Solr on GitHub. It is a trivial vulnerability that can be exploited easily. If an attacker can directly access the Solr console, one can execute arbitrary code on the targeted system via Velocity template. This vulnerability can be tracked as CVE-2019-17558. Affected versions: … Continue reading “Apache Solr Remote Command Execution Via Velocity Template”