Java Deserialization Exploits
A collection of curated Java Deserialization Exploits
Currently this repo contains exploits for the following vulnerabilities:
- Cisco Prime Infrastructure Java Deserialization RCE (CVE-2016-1291)
- IBM WebSphere Java Object Deserialization RCE (CVE-2015-7450)
- OpenNMS Java Object Deserialization RCE (No CVE ?)
- Jenkins CLI RMI Java Deserialization RCE (CVE-2015-8103)
- Jenkins Groovy XML RCE (CVE-2016-0792)
- Oracle WebLogic Server Java Object Deserialization RCE (CVE-2016-3510)
- JBoss Java Deserialization RCE (CVE-2015-7501)