CVE-2011-0807

Oracle Sun GlassFish Enterprise Server <3.0.1 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2011-0807. PoCs published by Metasploit, juan vazquez, including Metasploit module auxiliary/scanner/http/glassfish_login.

AI-analyzed exploit summary This Metasploit module exploits CVE-2011-0807 by authenticating to a vulnerable GlassFish Server instance and deploying a malicious WAR file to achieve remote code execution. It supports multiple versions of GlassFish and Sun Java System Application Server, with options for both authenticated and unauthenticated exploitation via HTTP verb manipulation.

Description

Unspecified vulnerability in Oracle Sun GlassFish Enterprise Server 2.1, 2.1.1, and 3.0.1, and Sun Java System Application Server 9.1, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubywebappsjsp
https://www.exploit-db.com/exploits/17615

This Metasploit module exploits CVE-2011-0807 by authenticating to a vulnerable GlassFish Server instance and deploying a malicious WAR file to achieve remote code execution. It supports multiple versions of GlassFish and Sun Java System Application Server, with options for both authenticated and unauthenticated exploitation via HTTP verb manipulation.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Sun/Oracle GlassFish Server 2.x, 3.0, 3.1 (Open Source or Commercial), Sun Java System Application Server 9.x
Auth required
Prerequisites: Network access to the GlassFish administration interface (default port 4848) · Default or known credentials for authentication (unless bypassing auth via HTTP verb manipulation)
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit SCANNER
rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/glassfish_login.rb

This Metasploit module is a brute-force utility for GlassFish admin console authentication, checking for weak credentials and an older authentication bypass vulnerability. It does not contain offensive payloads but scans for valid login combinations.

Classification
Scanner 100%
Attack Type
Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target: GlassFish (versions 2.x, 3.x, 9.x)
No auth needed
Prerequisites: Network access to GlassFish admin console (typically port 4848) · Valid or weak credentials for brute-forcing
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC EXCELLENT
by juan vazquez · rubypocjava
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/glassfish_deployer.rb

This Metasploit module exploits an authenticated code execution vulnerability in Oracle/Sun GlassFish Server by deploying a malicious WAR file. It supports multiple versions (2.x, 3.x, 4.x, and 9.x) and includes auto-targeting based on detected platform and architecture.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Oracle/Sun GlassFish Server (2.x, 3.x, 4.x, 9.x)
Auth required
Prerequisites: Valid credentials (or bypass) · Remote admin access enabled · Network access to port 4848
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/8327

Scores

EPSS 0.6088
EPSS Percentile 99.0%

Details

Status published
Products (4)
oracle/glassfish_server 2.1
oracle/glassfish_server 2.1.1
oracle/glassfish_server 3.0.1
sun/java_system_application_server 9.1
Published Apr 20, 2011
Tracked Since Feb 18, 2026