Home / exploitsPDF  

JBOSS EAP/AS 6.x Remote Code Execution

Posted on 13 July 2022

An unauthenticated attacker with network access to the JBOSS EAP/AS versions 6.x and below Remoting Unified Invoker interface can send a serialized object to the interface to execute code on vulnerable hosts.

 

TOP