
16 matches found

GithubExploit
added 2026/05/21 4:27 p.m., 36 views

pocx

pocx: a full-featured YAML PoC engine. PoC definitions are in the wiki; for usage, see example/main.go...

5.8 AI score
Exploits: 0

RedhatCVE
added 2025/05/22 3:54 p.m., 4 views

CVE-2020-12835

An issue was discovered in SmartBear ReadyAPI SoapUI Pro 3.2.5. Due to unsafe use of a Java RMI based protocol in an unsafe configuration, an attacker can inject malicious serialized objects into the communication, resulting in remote code execution in the context of a client-side Network...

9.8 CVSS, 7.8 AI score, 0.05031 EPSS
Exploits: 3

NVD
added 2024/06/19 5:15 p.m., 36 views

CVE-2024-32030

Kafka UI is an Open-Source Web UI for Apache Kafka Management. Kafka UI API allows users to connect to different Kafka brokers by specifying their network address and port. As a separate feature, it also provides the ability to monitor the performance of Kafka brokers by connecting to their JMX...

8.1 CVSS, 0.81722 EPSS
Exploits: 1, References: 3

Cvelist
added 2024/06/19 4:35 p.m., 76 views

CVE-2024-32030 Remote code execution via JNDI resolution in JMX metrics collection in Kafka UI

Kafka UI is an Open-Source Web UI for Apache Kafka Management. Kafka UI API allows users to connect to different Kafka brokers by specifying their network address and port. As a separate feature, it also provides the ability to monitor the performance of Kafka brokers by connecting to their JMX...

8.1 CVSS, 0.81722 EPSS
Exploits: 1, References: 3

Vulnrichment
added 2024/06/19 4:35 p.m., 41 views

CVE-2024-32030 Remote code execution via JNDI resolution in JMX metrics collection in Kafka UI

Kafka UI is an Open-Source Web UI for Apache Kafka Management. Kafka UI API allows users to connect to different Kafka brokers by specifying their network address and port. As a separate feature, it also provides the ability to monitor the performance of Kafka brokers by connecting to their JMX...

8.1 CVSS, 8.2 AI score, 0.81722 EPSS
Exploits: 1, References: 3

Cvelist
added 2020/05/20 1:1 p.m., 14 views

CVE-2020-12835

An issue was discovered in SmartBear ReadyAPI SoapUI Pro 3.2.5. Due to unsafe use of a Java RMI based protocol in an unsafe configuration, an attacker can inject malicious serialized objects into the communication, resulting in remote code execution in the context of a client-side Network...

9.8 AI score, 0.05031 EPSS
Exploits: 3, References: 4

Packet Storm
added 2020/05/19 12:0 a.m., 328 views

Protection Licensing Toolkit ReadyAPI 3.2.5 Code Execution / Deserialization

Advisory ID: SYSS-2019-039
Product: Protection Licensing Toolkit, SoapUI/LoadUI/ServiceV Pro
Manufacturer: jProductivity LLC, SmartBear Software
Affected Versions: ReadyAPI 3.2.5
Tested Versions: ReadyAPI 3.2.5
Vulnerability Type: Unsafe deserialization/remote code execution (CWE-502)
Risk Level:...

0.5 AI score, 0.05031 EPSS
Exploits: 3

0day.today
added 2020/05/19 12:0 a.m., 85 views

Protection Licensing Toolkit ReadyAPI 3.2.5 Code Execution / Deserialization Vulnerability

Protection Licensing Toolkit ReadyAPI version 3.2.5 suffers from an unsafe deserialization vulnerability that allows for remote code execution.
Product: Protection Licensing Toolkit, SoapUI/LoadUI/ServiceV Pro
Manufacturer: jProductivity LLC, SmartBear Software
Affected Versions: ReadyAPI 3.2.5...

9.8 CVSS, 0.7 AI score, 0.05031 EPSS
Exploits: 3

NVD
added 2019/04/23 8:32 p.m., 11 views

CVE-2019-7727

In NICE Engage through 6.5, the default configuration binds an unauthenticated JMX/RMI interface to all network interfaces, without restricting registration of MBeans, which allows remote attackers to execute arbitrary code via the RMI protocol by using the JMX connector. The observed affected TC...

9.8 CVSS, 9.8 AI score, 0.02367 EPSS
Exploits: 0, References: 3

CVE
added 2019/04/23 7:7 p.m., 47 views

CVE-2019-7727

CVE-2019-7727 affects NICE Engage (up to version 6.5) where the default configuration binds an unauthenticated JMX/RMI interface to all network interfaces and does not restrict MBean registration. This enables remote code execution via the RMI protocol through the JMX connector. The observed vuln...

9.8 CVSS, 9.7 AI score, 0.02367 EPSS
Exploits: 0, References: 3, Affected Software: 1

Prion
added 2018/09/28 5:29 p.m., 23 views

Deserialization of untrusted data

The TP-LINK EAP Controller is TP-LINK's software for remotely controlling wireless access point devices. It utilizes a Java remote method invocation RMI service for remote control. The RMI interface does not require any authentication before use, so it lacks user authentication for RMI service...

10 CVSS, 9.7 AI score, 0.15085 EPSS
Exploits: 0, References: 2, Affected Software: 1

CNVD
added 2018/07/18 12:0 a.m., 3 views

Oracle WebLogic Deserialization Remote Code Execution Vulnerability

WebLogic is an application server produced by Oracle, a middleware based on the Java EE architecture. It is a Java application server used to develop, integrate, deploy and manage large-scale distributed web applications, network applications and database applications. A...

9.8 CVSS, 9.6 AI score, 0.94277 EPSS
Exploits: 14, References: 1

OSV
added 2017/08/08 3:29 p.m., 3 views

CVE-2017-10107

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: RMI. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

9.6 CVSS, 5.6 AI score
Exploits: 0, References: 16

seebug.org
added 2016/07/13 12:0 a.m., 43 views

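Jenkins JRMP Remote Code Execution Vulnerability

Source: Jenkins RCE 2 CVE-2016-0788 Analysis and Exploitation. Author: 隐形人真忙. 0x00 Overview. In February, the overseas security researcher Moritz Bechler discovered a Jenkins remote command execution vulnerability that can be exploited without logging in, namely CVE-2016-0788. The official advisory describes the vulnerability as follows: A vulnerability in the Jenkins remoting module allowed unauthenticated remote attackers to open a JRMP listener on the server hosting the Jenkins...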

10 CVSS, 9.4 AI score, 0.3743 EPSS
Exploits: 2

Prion
added 2015/10/12 10:59 a.m., 25 views

Design/Logic Flaw

The JMX RMI service in VMware vCenter Server 5.0 before u3e, 5.1 before u3b, 5.5 before u3, and 6.0 before u1 does not restrict registration of MBeans, which allows remote attackers to execute arbitrary code via the RMI protocol...

10 CVSS, 8.1 AI score, 0.92031 EPSS
Exploits: 2, References: 6, Affected Software: 1

Nmap
added 2013/10/30 3:10 p.m., 996 views

weblogic-t3-info NSE Script

Detect the T3 RMI protocol and Weblogic version. Example Usage: nmap -sV. Requires: comm, string, shortport, nmap. local comm = require "comm" local string = require "string" local shortport = require "shortport" local nmap = require "nmap" description = "Detect the T3 RMI protocol and Weblogic version"...

10 CVSS, 9.4 AI score, 0.94176 EPSS
Exploits: 33