module
NetMotion Mobility Server MvcUtil Java Deserialization
| Disclosed |
|---|
| Feb 8, 2021 |
Disclosed
Feb 8, 2021
Description
This module exploits an unauthenticated Java deserialization in the
NetMotion Mobility server's MvcUtil.valueStringToObject() method, as
invoked through the /mobility/Menu/isLoggedOn endpoint, to execute
code as the SYSTEM account.
Mobility server versions 11.x before 11.73 and 12.x before 12.02 are
vulnerable. Tested against 12.01.09045 on Windows Server 2016.
NetMotion Mobility server's MvcUtil.valueStringToObject() method, as
invoked through the /mobility/Menu/isLoggedOn endpoint, to execute
code as the SYSTEM account.
Mobility server versions 11.x before 11.73 and 12.x before 12.02 are
vulnerable. Tested against 12.01.09045 on Windows Server 2016.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.