This Metasploit module exploits a Java deserialization vulnerability in Apache OFBiz’s unauthenticated SOAP endpoint /webtools/control/SOAPService for versions prior to 17.12.06.
This Metasploit module exploits a Java deserialization vulnerability in Apache OFBiz’s unauthenticated SOAP endpoint /webtools/control/SOAPService for versions prior to 17.12.06.