Apache OFBiz SOAP Java Deserialization

deepcore

This Metasploit module exploits a Java deserialization vulnerability in Apache OFBiz’s unauthenticated SOAP endpoint /webtools/control/SOAPService for versions prior to 17.12.06.

Related Posts

Leave a Reply