MobileIron Log4Shell Remote Command Execution
Posted by deepcore on August 4, 2022 – 8:16 pm
MobileIron Core is affected by the Log4Shell vulnerability whereby a JNDI string sent to the server will cause it to connect to the attacker and deserialize a malicious Java object. This results in OS command execution in the context of the tomcat user. This Metasploit module will start an LDAP server that the target will need to connect to.
Post a reply
You must be logged in to post a comment.