Browsing the "deserialization" Tag

MobileIron MDM Hessian-Based Java Deserialization Remote Code Execution ≈ Packet Storm

January 26th, 2021 📆 | 8515 Views ⚑

### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking prepend Msf::Exploit::Remote::AutoCheckinclude Msf::Exploit::Remote::HttpClientinclude Msf::Exploit::CmdStager

Tagged with:




Telerik UI ASP.NET AJAX RadAsyncUpload Deserialization ≈ Packet Storm

October 20th, 2020 📆 | 4979 Views ⚑

### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::RemoteRank = ExcellentRanking prepend Msf::Exploit::Remote::AutoCheckinclude Msf::Exploit::Remote::HttpClientinclude Msf::Exploit::EXEinclude Msf::Exploit::FileDropper

Tagged with:




QRadar RemoteJavaScript Deserialization ≈ Packet Storm

October 20th, 2020 📆 | 5079 Views ⚑

————————————————————————Java deserialization vulnerability in QRadar RemoteJavaScript Servlet————————————————————————Abstract————————————————————————A Java deserialization vulnerability exists in the QRadarRemoteJavaScript Servlet. An authenticated user can call

Tagged with:




Jenkins 2.56 CLI Deserialization / Code Execution ≈ Packet Storm

September 23rd, 2020 📆 | 5138 Views ⚑

### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::RemoteRank = ExcellentRanking include Msf::Exploit::Remote::HttpClientinclude Msf::Exploit::CmdStagerprepend Exploit::Remote::AutoCheck def

Tagged with:




Hyland OnBase Insecure Deserialization ≈ Packet Storm

September 8th, 2020 📆 | 3291 Views ⚑

CVSSv3.1 Score————————————————-AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Vendor————————————————-Hyland Software – (https://www.hyland.com/en/ and https://www.onbase.com/en/) Product————————————————-Hyland OnBaseAll derivatives based on OnBase Versions Affected————————————————-All versions up to and

Tagged with:




Apache OFBiz XML-RPC Java Deserialization ≈ Packet Storm

August 18th, 2020 📆 | 6102 Views ⚑

### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking prepend Msf::Exploit::Remote::AutoCheckinclude Msf::Exploit::Remote::HttpClientinclude Msf::Exploit::CmdStager

Tagged with:




SharePoint DataSet / DataTable Deserialization ≈ Packet Storm

August 1st, 2020 📆 | 7381 Views ⚑

# This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClientinclude Msf::Exploit::CmdStagerinclude Msf::Exploit::Powershellprepend

Tagged with:




Plesk / myLittleAdmin ViewState .NET Deserialization ≈ Packet Storm

May 22nd, 2020 📆 | 2296 Views ⚑

### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking # VIEWSTATE_GENERATOR = ‘CA0B0334’.freeze

Tagged with:




WebLogic Server Deserialization Remote Code Execution ≈ Packet Storm

May 21st, 2020 📆 | 3052 Views ⚑

### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::RemoteRank = NormalRanking include Msf::Exploit::Remote::Tcpinclude Msf::Exploit::CmdStagerinclude Msf::Exploit::Powershellinclude Msf::Exploit::Remote::AutoCheck

Tagged with:




Protection Licensing Toolkit ReadyAPI 3.2.5 Code Execution / Deserialization ≈ Packet Storm

May 20th, 2020 📆 | 2991 Views ⚑

Advisory ID: SYSS-2019-039Product: Protection Licensing Toolkit, SoapUI/LoadUI/ServiceV ProManufacturer: jProductivity LLC, SmartBear SoftwareAffected Version(s): – ReadyAPI 3.2.5Tested Version(s): ReadyAPI 3.2.5Vulnerability Type:

Tagged with:




Veeam ONE Agent .NET Deserialization ↭

May 5th, 2020 📆 | 6402 Views ⚑

### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::Tcpinclude Msf::Exploit::CmdStagerinclude Msf::Exploit::Powershell

Tagged with:




Furukawa Electric ConsciusMAP 2.8.1 Java Deserialization Remote Code Execution ↭

April 24th, 2020 📆 | 3961 Views ⚑

*]#!/usr/bin/env python3*]# -*- coding: utf-8 -*-*]#*]#*]# Furukawa Electric ConsciusMAP 2.8.1 Java Deserialization Remote Code Execution*]#*]#*]# Vendor: Furukawa Electric Co., Ltd.

Tagged with:




DotNetNuke – Cookie Deserialization Remote Code Execution (Metasploit)

April 16th, 2020 📆 | 1773 Views ⚑

*] *]## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core/exploit/powershell' require 'openssl' require 'set' class

Tagged with:




DotNetNuke Cookie Deserialization Remote Code Execution ↭

April 3rd, 2020 📆 | 1948 Views ⚑

*]##*]# This module requires Metasploit: https://metasploit.com/download*]# Current source: https://github.com/rapid7/metasploit-framework*]## require ‘msf/core/exploit/powershell'*]require ‘openssl'*]require ‘set’ class MetasploitModule < Msf::Exploit::Remote*]include Msf::Exploit::Remote::HttpClient*]include Msf::Exploit::Powershell*]include Msf::Exploit::Remote::HttpServer

Tagged with:




ManageEngine Desktop Central Java Deserialization ↭

March 14th, 2020 📆 | 6477 Views ⚑

### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClientinclude Msf::Exploit::Remote::AutoCheckinclude Msf::Exploit::CmdStagerinclude

Tagged with:




SQL Server Reporting Services (SSRS) ViewState Deserialization ≈ ↲

March 13th, 2020 📆 | 3742 Views ⚑

### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::RemoteRank = ExcellentRanking include Msf::Exploit::Remote::HttpClientinclude Msf::Exploit::CmdStager def initialize(info

Tagged with:




ManageEngine Desktop Central Deserialization / Remote Code Execution ≈ ↲

March 9th, 2020 📆 | 8489 Views ⚑

#!/usr/bin/python3“””ManageEngine Desktop Central FileStorage getChartImage Deserialization of Untrusted Data Remote Code Execution Vulnerability Download: https://www.manageengine.com/products/desktop-central/download-free.htmlFile …: ManageEngine_DesktopCentral_64bit.exeSHA1 …: 73ab5bb00f993685c711c0aed450444795d5b826Found by:

Tagged with: