JBOSS EAP/AS 6.x Remote Code Execution
Posted by deepcore on July 13, 2022 – 3:03 am
An unauthenticated attacker with network access to the JBOSS EAP/AS versions 6.x and below Remoting Unified Invoker interface can send a serialized object to the interface to execute code on vulnerable hosts.
Post a reply
You must be logged in to post a comment.