Home / exploits

PDF

MobileIron MDM Hessian-Based Java Deserialization Remote Code Execution

Posted on 25 January 2021

This Metasploit module exploits an ACL bypass in MobileIron MDM products to execute a Groovy gadget against a Hessian-based Java deserialization endpoint.

 

TOP