CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-05-08 01:56:40 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
dc3bd6cd71a486f862e7cf4da52fce4cfeb10e52
CVEs-PoC/2018/CVE-2018-18240.md
T
0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024
2024-05-26 14:27:05 +02:00

660 B
Raw Blame History

CVE-2018-18240

Description

Pippo through 1.11.0 allows remote code execution via a command to java.lang.ProcessBuilder because the XstreamEngine component does not use XStream's available protection mechanisms to restrict unmarshalling.

POC

Reference

No PoCs from references.

Github

Reference in New Issue View Git Blame Copy Permalink