.
Attackers can use root privileges to run arbitrary commands, upload the Trojan program, and take control of the server.
How to fix
Upgrade Elasticsearch to the latest version. ...
vulnerability. Server Guard can modify the vulnerable code to eliminate this vulnerability.
Upgrade PHPWind to the latest version from the official website.
...
external users, and control the access to source IP addresses.
Note: To avoid data loss, create backups or an ECS disk snapshot before the upgrade. ...
Fix
Use Alibaba Cloud Security Web Application Firewall to intercept the attacking code for this vulnerability.
Upgrade Struts to version 2.5 or later versions from the official website.
...