A remote code execution vulnerability exists in Apache OFBiz prior to 17.12.06 due to Deserialization of Untrusted Data.
An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands on the target system.
Binary data apache_ofbiz_cve-2021-26295.nbin