120 matches found

Cvelist
added 2019/11/26 4:36 p.m. | 13 views

CVE-2019-18580

Dell EMC Storage Monitoring and Reporting version 4.3.1 contains a Java RMI Deserialization of Untrusted Data vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by sending a crafted RMI request to execute arbitrary code on the target host...

CVSS 9.8 | AI score 9.8 | EPSS 0.1184
Exploits: 0 | References: 1

Zero Day Initiative
added 2019/11/26 12:0 a.m. | 19 views

Dell EMC Storage Monitoring and Reporting Java RMI Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dell EMC Storage Monitoring and Reporting. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Java RMI service, which listens on TCP port 52569 by...

CVSS 9.8 | AI score 3.7 | EPSS 0.1184
Exploits: 0 | References: 1

Prion
added 2019/04/03 8:29 p.m. | 17 views

SQL injection

AxiomSL's Axiom java applet module used for editing uploaded Excel files and associated Java RMI services 9.5.3 and earlier allows remote attackers to (1) access data of other basic users through arbitrary SQL commands, (2) perform a horizontal and vertical privilege escalation, (3) cause a Denial of...

CVSS 7.5 | AI score 8.2 | EPSS 0.00964
Exploits: 0 | References: 1 | Affected Software: 1

Cisco
added 2018/11/07 4:0 p.m. | 581 views

Cisco Unity Express Arbitrary Command Execution Vulnerability

A Java deserialization vulnerability in Cisco Unity Express (CUE) could allow an unauthenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An...

CVSS 9.8 | AI score 3.7 | EPSS 0.22249
Exploits: 0 | References: 1

CNVD
added 2018/07/31 12:0 a.m. | 5 views

ZTE ZXIPTV-EPG Java Deserialization Vulnerability

ZTE ZXIPTV-EPG is a set-top box device from China's ZTE Corporation (ZTE). A Java deserialization vulnerability exists in ZTE ZXIPTV-EPG versions prior to 5.09.02.02T4. The vulnerability stems from the server's use of the Apache Commons Collections (ACC) library in the Java RMI service used, and can be...

CVSS 9.8 | AI score 9.8 | EPSS 0.0709
Exploits: 0 | References: 1

NVD
added 2018/07/25 3:29 p.m. | 20 views

CVE-2017-10934

All versions prior to V5.09.02.02T4 of the ZTE ZXIPTV-EPG product use the Java RMI service in which the servers use the Apache Commons Collections (ACC) library that may result in Java deserialization vulnerabilities. An unauthenticated remote attacker can exploit the vulnerabilities by sending a...

CVSS 9.8 | AI score 9.8 | EPSS 0.0709
Exploits: 0 | References: 1

Prion
added 2018/07/25 3:29 p.m. | 13 views

Deserialization of untrusted data

All versions prior to V5.09.02.02T4 of the ZTE ZXIPTV-EPG product use the Java RMI service in which the servers use the Apache Commons Collections (ACC) library that may result in Java deserialization vulnerabilities. An unauthenticated remote attacker can exploit the vulnerabilities by sending a...

CVSS 7.5 | AI score 9.7 | EPSS 0.0709
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2018/07/25 3:0 p.m. | 14 views

CVE-2017-10934

All versions prior to V5.09.02.02T4 of the ZTE ZXIPTV-EPG product use the Java RMI service in which the servers use the Apache Commons Collections (ACC) library that may result in Java deserialization vulnerabilities. An unauthenticated remote attacker can exploit the vulnerabilities by sending a...

AI score 9.8 | EPSS 0.0709
Exploits: 0 | References: 1

seebug.org
added 2018/06/19 12:0 a.m. | 272 views

ColdFusion RCE (CVE-2018-4939)

In October 2017 I published an overview and video proof-of-concept of a Java RMI/deserialization vulnerability affecting the Flex Integration service of Adobe ColdFusion. I held off on publishing all of the details and exploit code at the time because I spotted an additional exploit payload that...

CVSS 7.5 | AI score 8.7 | EPSS 0.50501
Exploits: 3

Zero Day Initiative
added 2018/06/06 12:0 a.m. | 25 views

GE MDS PulseNET Pooled Invoker Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of GE MDS PulseNET. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of data from a Java RMI Pooled Invoker port. The issue results from the...

CVSS 7.5 | AI score 3.4 | EPSS 0.0546
Exploits: 0 | References: 1

Zero Day Initiative
added 2018/06/06 12:0 a.m. | 18 views

GE MDS PulseNET Account Java RMI Incorrect Privilege Assignment Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of GE MDS PulseNET. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the configuration of the...

CVSS 6.5 | AI score 5 | EPSS 0.0546
Exploits: 0 | References: 1

pentestit
added 2018/04/06 6:5 a.m. | 407 views

Apache JMeter RMI Code Execution PoC (CVE-2018-1297)

Recently, I read about a remote code execution (RCE) vulnerability, CVE-2018-1297, that affects yet another Apache product - JMeter. As you might know, "The Apache JMeter™ application is open source software, a 100% pure Java application designed to load test functional behavior...

CVSS 7.5 | AI score 9.7 | EPSS 0.17994
Exploits: 0

0day.today
added 2018/01/30 12:0 a.m. | 65 views

HPE iMC 7.3 - RMI Java Deserialization Exploit

Exploit for windows platform in category remote exploits Exploit Title: HPE iMC 7.3 Java RMI Registry Deserialization RCE Vulnerability Exploit Author: Chris Lyne @lynerc Vendor Homepage: www.hpe.com Software Link:...

CVSS 7.5 | EPSS 0.80795
Exploits: 4

BDU FSTEC
added 2017/12/07 12:0 a.m. | 2 views

The vulnerability of the Java RMI interface of the Smart Network Configuration Manager system allows a perpetrator to execute arbitrary code or cause service failures.

The vulnerability of the Java RMI interface of the Smart Network Configuration Manager, a system for automatic management of network configurations, is related to deficiencies in the authentication process. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary...

CVSS 10 | AI score 8.2 | EPSS 0.10752
Exploits: 0 | References: 3 | Affected Software: 1

Kitploit
added 2017/10/19 9:2 p.m. | 21 views

BaRMIe - Java RMI Enumeration And Attack Tool

BaRMIe is a tool for enumerating and attacking Java RMI (Remote Method Invocation) services. RMI services often expose dangerous functionality without adequate security controls, however RMI services tend to pass under the radar during security assessments due to the lack of effective testing tools...

AI score 7.8
Exploits: 0 | References: 1

seebug.org
added 2017/10/18 12:0 a.m. | 121 views

Adobe ColdFusion Deserialization RCE (CVE-2017-11283, CVE-2017-11238)

During my research into the Java Remote Method Invocation (RMI) protocol, the most common RMI service that I came across was Adobe ColdFusion’s Flex integration service which is used to support integration between Flash applications and ColdFusion components. A quick look at this service led to the...

CVSS 4.3 | AI score 8.8 | EPSS 0.23859
Exploits: 3

0day.today
added 2017/10/07 12:0 a.m. | 34 views

SmartBear SoapUI 5.3.0 Remote Code Execution Via Deserialization Vulnerability

Exploit for java platform in category remote exploits Title: SmartBear SoapUI - Remote Code Execution via Deserialization Author: Jakub Palaczynski Date: 12. July 2017 Exploit tested on: ================== SoapUI 5.3.0 Also works on older versions. Vulnerability: Remote Code Execution via...

AI score 7.1
Exploits: 0

n0where
added 2017/10/02 3:49 a.m. | 26 views

Java RMI Enumeration & Attack Tool: BaRMIe

BaRMIe is a tool for enumerating and attacking Java RMI (Remote Method Invocation) services. RMI services often expose dangerous functionality without adequate security controls, however RMI services tend to pass under the radar during security assessments due to the lack of effective testing tools...

AI score 0.6
Exploits: 0 | References: 1

Prion
added 2017/09/28 1:29 a.m. | 15 views

Deserialization of untrusted data

All versions prior to V12.17.20 of the ZTE Microwave NR8000 series products - NR8120, NR8120A, NR8120, NR8150, NR8250, NR8000 TR and NR8950 are the applications of C/S architecture using the Java RMI service in which the servers use the Apache Commons Collections (ACC) library that may result in Ja...

CVSS 10 | AI score 9.8 | EPSS 0.16677
Exploits: 0 | References: 1

NVD
added 2017/09/28 1:29 a.m. | 9 views

CVE-2017-10932

All versions prior to V12.17.20 of the ZTE Microwave NR8000 series products - NR8120, NR8120A, NR8120, NR8150, NR8250, NR8000 TR and NR8950 are the applications of C/S architecture using the Java RMI service in which the servers use the Apache Commons Collections (ACC) library that may result in Ja...

CVSS 10 | AI score 9.8 | EPSS 0.16677
Exploits: 0 | References: 1