CVE-2021-44550
📋 TL;DR
CVE-2021-44550 is an incorrect access control vulnerability in Stanford CoreNLP's NERServlet that allows unauthenticated remote attackers to bypass authentication and execute arbitrary code. This affects CoreNLP servers with the NER classifier endpoint exposed. The vulnerability stems from improper input validation in the classifier function.
💻 Affected Systems
- Stanford CoreNLP
📦 What is this software?
CoreNLP by Stanford
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution leading to complete system compromise, data exfiltration, and lateral movement within the network.
Likely Case
Unauthenticated attackers gaining shell access to the CoreNLP server, potentially compromising sensitive NLP data and server resources.
If Mitigated
Limited impact if proper network segmentation and authentication controls prevent external access to vulnerable endpoints.
🎯 Exploit Status
The vulnerability is well-documented in GitHub issues with technical details that could facilitate exploitation.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 4.3.3 and later
Vendor Advisory: https://github.com/stanfordnlp/CoreNLP/issues/1222
Restart Required: Yes
Instructions:
1. Upgrade CoreNLP to version 4.3.3 or later.
2. Replace the vulnerable NERServlet.java file with the patched version.
3. Restart the CoreNLP service.
4. Verify the fix by testing the NER endpoint.
🔧 Temporary Workarounds
Disable NER Endpoint
Remove or disable access to the vulnerable NERServlet endpoint
# Remove or comment out NERServlet configuration in web.xml
# Or block access via firewall/load balancer
Network Segmentation
Restrict network access to CoreNLP servers
# Firewall rule example. 9000 is the CoreNLP server's default port; adjust if yours differs.
# Replace trusted_network with the CIDR range that should be allowed (e.g. 10.0.0.0/8).
iptables -A INPUT -p tcp --dport 9000 -s trusted_network -j ACCEPT
iptables -A INPUT -p tcp --dport 9000 -j DROP
🧯 If You Can't Patch
- Implement strict network access controls to limit who can reach the CoreNLP server
- Deploy a web application firewall (WAF) with rules to detect and block exploitation attempts
🔍 How to Verify
Check if Vulnerable:
A server is vulnerable if it runs CoreNLP version 4.3.2 or earlier and the NER endpoint is reachable. Test reachability with: curl -X POST http://server:port/ner/ -d 'test'
Check Version:
# Run from the directory containing the CoreNLP jars so the classpath resolves
java -mx4g -cp "*" edu.stanford.nlp.pipeline.StanfordCoreNLP -version
Verify Fix Applied:
Verify CoreNLP version is 4.3.3+ and test the NER endpoint with the same payload that previously triggered the vulnerability
📡 Detection & Monitoring
Log Indicators:
- Unusual POST requests to /ner/ endpoint
- Java process spawning unexpected child processes
- Error logs containing stack traces from NERServlet
Network Indicators:
- HTTP POST requests to CoreNLP NER endpoints with unusual payloads
- Outbound connections from CoreNLP server to unexpected destinations
SIEM Query:
source="*corenlp*" AND (uri_path="/ner/" OR (process_name="java" AND cmdline="*CoreNLP*"))
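The following Python script is an added example, not code from this advisory or from the CoreNLP project. It demonstrates the two defender-side checks described under "How to Verify" and "Detection & Monitoring": deciding whether a reported CoreNLP version falls before the fixed release 4.3.3, and scanning access logs for POST requests to the NER endpoint that match the log and network indicators above (untrusted source address, oversized request body, or a server error from the servlet). The log format (one JSON object per line with src, method, path, status and req_bytes fields, as a reverse proxy in front of CoreNLP might emit), the trusted range 10.0.0.0/8, the 4 KiB request-size threshold and every sample line are constructed assumptions.

```python
"""Added example for CVE-2021-44550 triage (not code from the advisory or CoreNLP).

Two defender-side checks:
  1. is_vulnerable_version(): is a reported CoreNLP version before the fixed 4.3.3?
  2. find_suspicious(): flag POST requests to the NER endpoint in proxy logs that
     come from untrusted sources, carry oversized bodies, or end in server errors.
"""
import ipaddress
import json
from collections import Counter

FIXED_VERSION = (4, 3, 3)  # first patched release per the advisory


def parse_version(version: str) -> tuple:
    """'4.3.2' or 'v4.3.2' -> (4, 3, 2); missing trailing components count as 0."""
    parts = [int(p) for p in version.strip().lstrip("v").split(".")]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def is_vulnerable_version(version: str) -> bool:
    """True for every release before 4.3.3 (4.3.2 and earlier are affected)."""
    return parse_version(version) < FIXED_VERSION


# Assumed reverse-proxy log format: one JSON object per line. All lines are constructed.
SAMPLE_LOG = "\n".join([
    '{"ts": "2022-01-01T10:00:01Z", "src": "10.0.0.5",    "method": "POST", "path": "/ner/", "status": 200, "req_bytes": 120}',
    '{"ts": "2022-01-01T10:00:02Z", "src": "203.0.113.7", "method": "POST", "path": "/ner/", "status": 200, "req_bytes": 120}',
    '{"ts": "2022-01-01T10:00:03Z", "src": "10.0.0.9",    "method": "GET",  "path": "/",     "status": 200, "req_bytes": 0}',
    '{"ts": "2022-01-01T10:00:04Z", "src": "203.0.113.7", "method": "POST", "path": "/ner/", "status": 500, "req_bytes": 9000}',
    '{"ts": "2022-01-01T10:00:05Z", "src": "10.0.0.5",    "method": "POST", "path": "/ner/", "status": 200, "req_bytes": 9000}',
])

TRUSTED_NETWORKS = [ipaddress.ip_network("10.0.0.0/8")]  # assumed trusted client range
MAX_REQ_BYTES = 4096  # assumed threshold above which an NER payload is "unusual"


def find_suspicious(log_text, trusted=TRUSTED_NETWORKS, max_req_bytes=MAX_REQ_BYTES):
    """Return one record per POST to /ner that trips at least one indicator."""
    hits = []
    for line in log_text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed lines rather than abort the whole sweep
        if rec.get("method") != "POST" or not str(rec.get("path", "")).startswith("/ner"):
            continue
        reasons = []
        try:
            src = ipaddress.ip_address(rec["src"])
        except (KeyError, ValueError):
            reasons.append("unparseable_source")
        else:
            if not any(src in net for net in trusted):
                reasons.append("untrusted_source")
        if int(rec.get("req_bytes", 0)) > max_req_bytes:
            reasons.append("large_request")
        if int(rec.get("status", 0)) >= 500:
            reasons.append("server_error")  # the servlet erroring on a POST is itself an indicator
        if reasons:
            hits.append({"src": rec.get("src"), "path": rec["path"],
                         "status": rec.get("status"), "reasons": reasons})
    return hits


def hits_by_source(hits):
    """Count flagged requests per source address, for quick triage ordering."""
    return dict(Counter(h["src"] for h in hits))


if __name__ == "__main__":
    for v in ("4.3.2", "4.3.3"):
        print(v, "vulnerable" if is_vulnerable_version(v) else "fixed")
    for h in find_suspicious(SAMPLE_LOG):
        print(h)
    print(hits_by_source(find_suspicious(SAMPLE_LOG)))
```

Feed real proxy logs to find_suspicious() after adapting the field names to your proxy's format; the trusted range should match the same CIDR used in the iptables rule above so that the firewall and the detection agree on who is allowed to reach the endpoint.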