Christopher Ellis

3 exploits Active since Mar 2021
CVE-2021-34371 NOMISEC CRITICAL WORKING POC
Neo4j < 3.4.18 and 3.5.0 - Remote Code Execution via RMI Deserialization
Neo4j through 3.4.18 (with the shell server enabled) exposes an RMI service that arbitrarily deserializes Java objects, e.g., through setSessionVariable. An attacker can abuse this for remote code execution because there are dependencies with exploitable gadget chains.
CVSS 9.8
CVE-2021-34371 EXPLOITDB CRITICAL java WORKING POC
Neo4j < 3.4.18 and 3.5.0 - Remote Code Execution via RMI Deserialization
Neo4j through 3.4.18 (with the shell server enabled) exposes an RMI service that arbitrarily deserializes Java objects, e.g., through setSessionVariable. An attacker can abuse this for remote code execution because there are dependencies with exploitable gadget chains.
CVSS 9.8
CVE-2021-26705 EXPLOITDB CRITICAL java WORKING POC
SquareBox CatDV < 9.2 - Unauthenticated Sensitive RMI Method Invocation
An issue was discovered in SquareBox CatDV Server through 9.2. An attacker can invoke sensitive RMI methods such as getConnections without authentication, the results of which can be used to generate valid authentication tokens. These tokens can then be used to invoke administrative tasks within the application, such as disclosing password hashes.
CVSS 9.1