module
Apache OFBiz SOAP Java Deserialization
| Disclosed |
|---|
| 2021-03-22 |
Disclosed
2021-03-22
Description
This module exploits a Java deserialization vulnerability in Apache
OFBiz's unauthenticated SOAP endpoint /webtools/control/SOAPService for
versions prior to 17.12.06.
OFBiz's unauthenticated SOAP endpoint /webtools/control/SOAPService for
versions prior to 17.12.06.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.