Remote Code Execution exploit for PrimeFaces 5.x - EL Injection (CVE-2017-1000486)
This is basically the same exploit made by Mogwailabs, but edited to work in closed environments without access to the internet or with blocked firewall outbound traffic. It gives you results in HTTP response header, so in case you're trying doing blind RCEwith old exploit - not anymore.
python3 primefaces.py -t vulnapp.com id
Feel free to edit vuln_point variable for exact endpoint.