Java JMX Server Insecure Configuration Java Code Execution
This module takes advantage a Java JMX interface insecure configuration, which would allow loading classes from any remote HTTP URL. JMX interfaces with authentication disabled com.sun.management.jmxremote.authenticate=false should be vulnerable, while interfaces with authentication enabled will ...