A collection of curated Java Deserialization Exploits
Switch branches/tags
Nothing to show
Clone or download
Latest commit cfe7080 May 22, 2018

README.md

Java Deserialization Exploits

A collection of curated Java Deserialization Exploits

Currently this repo contains exploits for the following vulnerabilities:

  • Cisco Prime Infrastructure Java Deserialization RCE (CVE-2016-1291)
  • IBM WebSphere Java Object Deserialization RCE (CVE-2015-7450)
  • OpenNMS Java Object Deserialization RCE (No CVE ?)
  • Jenkins CLI RMI Java Deserialization RCE (CVE-2015-8103)
  • Jenkins Groovy XML RCE (CVE-2016-0792)
  • Oracle WebLogic Server Java Object Deserialization RCE (CVE-2016-3510)
  • JBoss Java Deserialization RCE (CVE-2015-7501)