Apache Log4j Remote Code Execution (CVE-2021-44228 – Log4Shell): Phân tích và cách ứng phó
May 10 2025
About the author
My passion is hunting down the latest attack trends—ransomware, APTs, you name it—while passing on knowledge to help businesses forge ironclad defenses. I’ve left my mark on data encryption projects and intrusion detection tools now widely used across Vietnam. I’m the shadow that strikes before the enemy does.
@#@
Đam mê của tôi là nghiên cứu các xu hướng tấn công mới nhất như ransomware và APTs, đồng thời chia sẻ kiến thức để giúp doanh nghiệp xây dựng chiến lược phòng thủ hiệu quả. Tôi từng đóng góp vào các dự án mã hóa dữ liệu và phát triển công cụ phát hiện xâm nhập được sử dụng rộng rãi tại Việt Nam.
Stay up to dateGet the latest threat intelligence, cybersecurity reports from CyStack delivered to your inbox
{"success":true,"head":"<title>Toàn tập về Apache Log4j Remote Code Execution (CVE-2021-44228 - Log4Shell)</title>\n<meta name=\"description\" content=\"Chia sẻ lại về cơ chế hoạt động của Log4Shell, những bài học kinh nghiệm rút ra khi đối phó với nó và cách bảo vệ hệ thống của bạn khỏi các biến thể khai thác.\"/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-video-preview:-1, max-image-preview:large\"/>\n<link rel=\"canonical\" href=\"https://blog.cystack.org/tutorial/2025/05/10/apache-log4j-remote-code-execution/\" />\n<meta property=\"og:locale\" content=\"en_US\" />\n<meta property=\"og:type\" content=\"article\" />\n<meta property=\"og:title\" content=\"Toàn tập về Apache Log4j Remote Code Execution (CVE-2021-44228 - Log4Shell)\" />\n<meta property=\"og:description\" content=\"Chia sẻ lại về cơ chế hoạt động của Log4Shell, những bài học kinh nghiệm rút ra khi đối phó với nó và cách bảo vệ hệ thống của bạn khỏi các biến thể khai thác.\" />\n<meta property=\"og:url\" content=\"https://blog.cystack.org/tutorial/2025/05/10/apache-log4j-remote-code-execution/\" />\n<meta property=\"og:site_name\" content=\"CyStack Tutorial\" />\n<meta property=\"article:tag\" content=\"vi\" />\n<meta property=\"article:section\" content=\"Java\" />\n<meta property=\"og:updated_time\" content=\"2025-12-10T16:43:57+07:00\" />\n<meta property=\"og:image\" content=\"https://s2.cystack.net/tutorial/17134612/apache-log4j-remote-code-execution.png\" />\n<meta property=\"og:image:secure_url\" content=\"https://s2.cystack.net/tutorial/17134612/apache-log4j-remote-code-execution.png\" />\n<meta property=\"og:image:width\" content=\"1200\" />\n<meta property=\"og:image:height\" content=\"630\" />\n<meta property=\"og:image:alt\" content=\"Apache Log4j Remote Code Execution\" />\n<meta property=\"og:image:type\" content=\"image/png\" />\n<meta property=\"article:published_time\" content=\"2025-05-10T08:35:34+07:00\" />\n<meta property=\"article:modified_time\" content=\"2025-12-10T16:43:57+07:00\" />\n<meta name=\"twitter:card\" content=\"summary_large_image\" />\n<meta name=\"twitter:title\" content=\"Toàn tập về Apache Log4j Remote Code Execution (CVE-2021-44228 - Log4Shell)\" />\n<meta name=\"twitter:description\" content=\"Chia sẻ lại về cơ chế hoạt động của Log4Shell, những bài học kinh nghiệm rút ra khi đối phó với nó và cách bảo vệ hệ thống của bạn khỏi các biến thể khai thác.\" />\n<meta name=\"twitter:image\" content=\"https://s2.cystack.net/tutorial/17134612/apache-log4j-remote-code-execution.png\" />\n<meta name=\"twitter:label1\" content=\"Written by\" />\n<meta name=\"twitter:data1\" content=\"Đức Hacker\" />\n<meta name=\"twitter:label2\" content=\"Time to read\" />\n<meta name=\"twitter:data2\" content=\"5 minutes\" />\n<script type=\"application/ld+json\" class=\"rank-math-schema\">{\"@context\":\"https://schema.org\",\"@graph\":[{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https://blog.cystack.org/tutorial/#person\",\"name\":\"CyStack Tutorial\"},{\"@type\":\"WebSite\",\"@id\":\"https://blog.cystack.org/tutorial/#website\",\"url\":\"https://blog.cystack.org/tutorial\",\"name\":\"CyStack Tutorial\",\"publisher\":{\"@id\":\"https://blog.cystack.org/tutorial/#person\"},\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https://s2.cystack.net/tutorial/17134612/apache-log4j-remote-code-execution.png\",\"url\":\"https://s2.cystack.net/tutorial/17134612/apache-log4j-remote-code-execution.png\",\"width\":\"1200\",\"height\":\"630\",\"caption\":\"Apache Log4j Remote Code Execution\",\"inLanguage\":\"en-US\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https://blog.cystack.org/tutorial/2025/05/10/apache-log4j-remote-code-execution/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":\"1\",\"item\":{\"@id\":\"https://blog.cystack.org/tutorial\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"position\":\"2\",\"item\":{\"@id\":\"https://blog.cystack.org/tutorial/category/java/\",\"name\":\"Java\"}},{\"@type\":\"ListItem\",\"position\":\"3\",\"item\":{\"@id\":\"https://blog.cystack.org/tutorial/2025/05/10/apache-log4j-remote-code-execution/\",\"name\":\"Apache Log4j Remote Code Execution (CVE-2021-44228 – Log4Shell): Ph\\u00e2n t\\u00edch v\\u00e0 c\\u00e1ch \\u1ee9ng ph\\u00f3\"}}]},{\"@type\":\"WebPage\",\"@id\":\"https://blog.cystack.org/tutorial/2025/05/10/apache-log4j-remote-code-execution/#webpage\",\"url\":\"https://blog.cystack.org/tutorial/2025/05/10/apache-log4j-remote-code-execution/\",\"name\":\"To\\u00e0n t\\u1eadp v\\u1ec1 Apache Log4j Remote Code Execution (CVE-2021-44228 - Log4Shell)\",\"datePublished\":\"2025-05-10T08:35:34+07:00\",\"dateModified\":\"2025-12-10T16:43:57+07:00\",\"isPartOf\":{\"@id\":\"https://blog.cystack.org/tutorial/#website\"},\"primaryImageOfPage\":{\"@id\":\"https://s2.cystack.net/tutorial/17134612/apache-log4j-remote-code-execution.png\"},\"inLanguage\":\"en-US\",\"breadcrumb\":{\"@id\":\"https://blog.cystack.org/tutorial/2025/05/10/apache-log4j-remote-code-execution/#breadcrumb\"}},{\"@type\":\"Person\",\"@id\":\"https://blog.cystack.org/tutorial/author/duchacker/\",\"name\":\"\\u0110\\u1ee9c Hacker\",\"url\":\"https://blog.cystack.org/tutorial/author/duchacker/\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https://secure.gravatar.com/avatar/7b8b6e4bc4811342b8e2f2134f90dda5961f2d4f8e7da5ec77e52bb909a19782?s=96&d=mm&r=g\",\"url\":\"https://secure.gravatar.com/avatar/7b8b6e4bc4811342b8e2f2134f90dda5961f2d4f8e7da5ec77e52bb909a19782?s=96&d=mm&r=g\",\"caption\":\"\\u0110\\u1ee9c Hacker\",\"inLanguage\":\"en-US\"}},{\"@type\":\"BlogPosting\",\"headline\":\"To\\u00e0n t\\u1eadp v\\u1ec1 Apache Log4j Remote Code Execution (CVE-2021-44228 - Log4Shell)\",\"keywords\":\"Log4Shell,apache log4j remote code execution vulnerability,apache log4j 1.2 jmsappender remote code execution,apache log4j 1.2 remote code execution vulnerability,apache log4j 1.2 remote code execution vulnerability fix\",\"datePublished\":\"2025-05-10T08:35:34+07:00\",\"dateModified\":\"2025-12-10T16:43:57+07:00\",\"articleSection\":\"Java, Logging, RCE, Security\",\"author\":{\"@id\":\"https://blog.cystack.org/tutorial/author/duchacker/\",\"name\":\"\\u0110\\u1ee9c Hacker\"},\"publisher\":{\"@id\":\"https://blog.cystack.org/tutorial/#person\"},\"description\":\"Chia s\\u1ebb l\\u1ea1i v\\u1ec1 c\\u01a1 ch\\u1ebf ho\\u1ea1t \\u0111\\u1ed9ng c\\u1ee7a Log4Shell, nh\\u1eefng b\\u00e0i h\\u1ecdc kinh nghi\\u1ec7m r\\u00fat ra khi \\u0111\\u1ed1i ph\\u00f3 v\\u1edbi n\\u00f3 v\\u00e0 c\\u00e1ch b\\u1ea3o v\\u1ec7 h\\u1ec7 th\\u1ed1ng c\\u1ee7a b\\u1ea1n kh\\u1ecfi c\\u00e1c bi\\u1ebfn th\\u1ec3 khai th\\u00e1c.\",\"name\":\"To\\u00e0n t\\u1eadp v\\u1ec1 Apache Log4j Remote Code Execution (CVE-2021-44228 - Log4Shell)\",\"@id\":\"https://blog.cystack.org/tutorial/2025/05/10/apache-log4j-remote-code-execution/#richSnippet\",\"isPartOf\":{\"@id\":\"https://blog.cystack.org/tutorial/2025/05/10/apache-log4j-remote-code-execution/#webpage\"},\"image\":{\"@id\":\"https://s2.cystack.net/tutorial/17134612/apache-log4j-remote-code-execution.png\"},\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https://blog.cystack.org/tutorial/2025/05/10/apache-log4j-remote-code-execution/#webpage\"}}]}</script>\n"}
