Apache OFBiz SOAP Java Deserialization
This module exploits a Java deserialization vulnerability in Apache OFBiz's unauthenticated SOAP endpoint /webtools/control/SOAPService for versions prior to 17.12.06. Module Options msf use exploit/linux/http/apacheofbizdeserializationsoap msf exploitapacheofbizdeserializationsoap show targets...
ysoserial
This is a proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. The tool, called ysoserial, is a collection of utilities and property-oriented programming "gadget chains" discovered in common Java libraries that can, under the right conditions, exploit Jav...
Apache OFBiz XML-RPC Java Deserialization Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache OFBiz XML-RPC Java Deserialization', 'Description' = %q This module exploits a Java deserialization vulnerability in Apache OFBiz's...
Apache OFBiz XML-RPC Java Deserialization
This module exploits a Java deserialization vulnerability in Apache OFBiz's unauthenticated XML-RPC endpoint /webtools/control/xmlrpc for versions prior to 17.12.01 using the ROME gadget chain. Versions up to 18.12.11 are exploitable utilizing an auth bypass CVE-2023-51467 and use the...
Apache OFBiz XML-RPC Java Deserialization
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache OFBiz XML-RPC Java Deserialization', 'Description' = %q This module exploits a Java deserialization vulnerability in Apache OFBiz's...
CVE-2021-27335
KollectApps before 4.8.16c is affected by insecure Java deserialization, leading to Remote Code Execution via a ysoserial.payloads.CommonsCollections parameter...
Deserialization of untrusted data
KollectApps before 4.8.16c is affected by insecure Java deserialization, leading to Remote Code Execution via a ysoserial.payloads.CommonsCollections parameter...
CVE-2021-27335
CVE-2021-27335 affects KollectApps prior to 4.8.16c due to insecure Java deserialization. The root cause is deserializing untrusted data, enabling Remote Code Execution via a ysoserial.payloads.CommonsCollections parameter. The vulnerability allows an attacker who can reach the application to tri...
Metasploit Wrap-Up
MicroFocus? More like MacroVuln MicroFocus’s Operations Bridge Manager is a security information and event management (SIEM) tool designed to collect and parse security logs from multiple disparate sources. OBM has a large attack surface—something Pedro Ribeiro was able to take advantage of with hi...
Micro Focus Operations Bridge Manager Remote Code Execution Exploit
This Metasploit module exploits an authenticated Java deserialization that affects a truckload of Micro Focus products: Operations Bridge Manager, Application Performance Management, Data Center Automation, Universal CMDB, Hybrid Cloud Management and Service Management Automation. However, this...
Micro Focus Operations Bridge Manager Authenticated Remote Code Execution
This module exploits an authenticated Java deserialization that affects a truckload of Micro Focus products: Operations Bridge Manager, Application Performance Management, Data Center Automation, Universal CMDB, Hybrid Cloud Management and Service Management Automation. However, this module was on...
NetMotion Mobility Remote Code Execution Vulnerability (CNVD-2021-11310)
NetMotion Mobility is client/server software that securely extends enterprise networks to mobile environments. A remote code execution vulnerability exists in NetMotion Mobility. The vulnerability stems from Java deserialization in SupportRpcServlet. A remote, unauthenticated attacker could explo...
NetMotion Mobility Remote Code Execution Vulnerability (CNVD-2021-11311)
NetMotion Mobility is client/server software that securely extends enterprise networks to mobile environments. A remote code execution vulnerability exists in NetMotion Mobility. The vulnerability stems from Java deserialization in RpcServlet. A remote, unauthenticated attacker could exploit the...
NetMotion Mobility Remote Code Execution Vulnerability
NetMotion Mobility is client/server software that securely extends enterprise networks to mobile environments. A remote code execution vulnerability exists in NetMotion Mobility. The vulnerability stems from Java deserialization in the webrepdb StatusServlet. A remote, unauthenticated attacker...
NetMotion Mobility Remote Code Execution Vulnerability
NetMotion Mobility is client/server software that securely extends enterprise networks to mobile environments. A remote code execution vulnerability exists in NetMotion Mobility. The vulnerability stems from Java deserialization in MvcUtil valueStringToObject. A remote, unauthenticated attacker...
CVE-2021-26913
NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to execute arbitrary code as SYSTEM because of Java deserialization in RpcServlet...
CVE-2021-26912
NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to execute arbitrary code as SYSTEM because of Java deserialization in SupportRpcServlet...
CVE-2021-26914
NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to execute arbitrary code as SYSTEM because of Java deserialization in MvcUtil valueStringToObject...
CVE-2021-26915
NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to execute arbitrary code as SYSTEM because of Java deserialization in webrepdb StatusServlet...