CVE-2022-40146_Exploit_Jar icon indicating copy to clipboard operation
CVE-2022-40146_Exploit_Jar copied to clipboard

Published 20 hours ago verified publisher icon cckuailong

Metadata

Apache Batik SSRF to RCE Jar Exploit

Component link

https://github.com/apache/xmlgraphics-batik

Blog

https://www.zerodayinitiative.com/blog/2022/10/28/vulnerabilities-in-apache-batik-default-security-controls-ssrf-and-rce-through-remote-class-loading

Usage

  • Modify the line 11 in src/main/java/com.poc.Poc.java to change the command.
  • Run mvn clean package
  • Exploit can be found in target/

Then you need to navigate to the Poc/ to use this exploit jar.

Poc contains:

  • SSRF
  • RCE via jar
  • RCE via ecmascript

Metadata

29
Stars
8
Forks
Watchers

Owner

verified publisher icon cckuailong

Metadata

Back