Intrusion Prevention

Ysoserial.JSP.Webshell

Description

This indicates an attempt to use Ysoserial JSP web shell.
A web shell is a malicious script, acting as a backdoor, that can be uploaded to a web server to enable remote administration of the machine. Web shells are often installed by attackers through web application vulnerabilities or configuration weaknesses.

Affected Products

Any compromised server

Impact

System Compromise: Remote attacker can gain control of vulnerable systems.

Recommended Actions

Remove the malicious JSP file from the server.