This Metasploit module exploits an unauthenticated Java deserialization in the NetMotion Mobility server's MvcUtil.valueStringToObject() method, as invoked through the /mobility/Menu/isLoggedOn endpoint, to execute code as the SYSTEM account. Mobility server versions 11.x before 11.73 and 12.x before 12.02 are vulnerable. Tested against 12.01.09045 on Windows Server 2016.
SRC-2021-0007 : NetMotion Mobility Server MvcUtil valueStringToObject Deserialization of Untrusted Data Remote Code Execution Vulnerability
NetMotion Mobility Server MvcUtil Java Deserialization