VDB
CNVD-2018-11846
CNVD-2018-11846
PUBLISHED
Red Hat JBoss RichFaces是美国红帽(Red Hat)公司的一个开源的JSF(JavaServer Faces)组件库。该库提供内置的JavaScript和Ajax功能。 Red Hat JBoss RichFaces 3.1.0版本至3.3.4版本中存在安全漏洞。远程攻击者可利用该漏洞注入EL表达式并执行任意Java代码。
Exploit Intelligence
- Pastea/CVE-2018-12533 (github-poc-repo)
- Pastea/CVE-2018-12533 (github-poc-repo)
- RF-14310 / CVE-2018-12533 - Payload generator (github-poc-repo)
- RF-14310 / CVE-2018-12533 - Payload generator (github-poc-repo)
- mhagnumdw/richfaces-vulnerability-cve-2018-12533-rf-14310 (github-poc-repo)
- mhagnumdw/richfaces-vulnerability-cve-2018-12533-rf-14310 (github-poc-repo)
- Simplest and most reliable RichFaces Paint2DResource CVE-2018-12533 RF-14310 exploit PoC (github-poc-repo)
- Simplest and most reliable RichFaces Paint2DResource CVE-2018-12533 RF-14310 exploit PoC (github-poc-repo)
- Simplest and most reliable RichFaces Paint2DResource CVE-2018-12533 RF-14310 exploit PoC (github-poc)
- Simplest and most reliable RichFaces Paint2DResource CVE-2018-12533 RF-14310 exploit PoC (github-poc)
…and 6 more exploits
Timeline
- Jun 18, 2018 CVE Published