CVE-2020-9547
CRITICAL EXPLOITED NUCLEIjackson-databind 2.0.0-2.7.9.7 - Deserialization of Untrusted Data via com.ibatis.sqlmap Gadget
Title source: llmExploitation Summary
CVE-2020-9547 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including fairyming. A Nuclei detection template is also available.
AI-analyzed exploit summary This repository contains a functional PoC for CVE-2020-9547, a deserialization vulnerability in FasterXML/jackson-databind. The exploit leverages LDAP-based remote code execution by manipulating JSON input with malicious class references.
Description
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap).
Exploits (1)
nomisec
WORKING POC
23 stars
by fairyming · poc
https://github.com/fairyming/CVE-2020-9547
This repository contains a functional PoC for CVE-2020-9547, a deserialization vulnerability in FasterXML/jackson-databind. The exploit leverages LDAP-based remote code execution by manipulating JSON input with malicious class references.
Classification
Working Poc 95%
Attack Type
Deserialization
Complexity
Moderate
Reliability
Reliable
Target:
FasterXML/jackson-databind (versions affected by CVE-2020-9547)
No auth needed
Prerequisites:
LDAP server hosting malicious payload · Target application using vulnerable jackson-databind version
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026
Full analysis →
Nuclei Templates (1)
FasterXML jackson-databind - Deserialization Remote Code Execution
CRITICALVERIFIEDby pranjalnegi
References (23)
Core 23
Core References
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2020/03/msg00008.html
Mailing List mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/rb6fecb5e96a6d61e175ff49f33f2713798dd05cf03067c169d195596%40%3Cissues.zookeeper.apache.org%3E
Mailing List mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1%40%3Cdev.zookeeper.apache.org%3E
Mailing List mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/rdd49ab9565bec436a896bc00c4b9fc9dce1598e106c318524fbdfec6%40%3Cissues.zookeeper.apache.org%3E
Mailing List mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/rd0e958d6d5c5ee16efed73314cd0e445c8dbb4bdcc80fc9d1d6c11fc%40%3Cdev.zookeeper.apache.org%3E
Mailing List mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd%40%3Cissues.zookeeper.apache.org%3E
Mailing List mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb%40%3Cissues.zookeeper.apache.org%3E
Mailing List mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/rd5a4457be4623038c3989294429bc063eec433a2e55995d81591e2ca%40%3Cissues.zookeeper.apache.org%3E
Mailing List mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/rdd4df698d5d8e635144d2994922bf0842e933809eae259521f3b5097%40%3Cissues.zookeeper.apache.org%3E
Various Sources x_refsource_misc
https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
Third Party Advisory x_refsource_misc
https://www.oracle.com/security-alerts/cpujul2020.html
Mailing List x_refsource_misc
https://lists.apache.org/thread.html/r893a0104e50c1c2559eb9a5812add28ae8c3e5f43712947a9847ec18%40%3Cnotifications.zookeeper.apache.org%3E
Patch, Third Party Advisory x_refsource_misc
https://github.com/FasterXML/jackson-databind/issues/2634
Mailing List x_refsource_misc
https://lists.apache.org/thread.html/redbe4f1e21bf080f637cf9fbec47729750a2f443a919765360337428%40%3Cnotifications.zookeeper.apache.org%3E
Mailing List x_refsource_misc
https://lists.apache.org/thread.html/r742ef70d126548dcf7de5be5779355c9d76a9aec71d7a9ef02c6398a%40%3Cnotifications.zookeeper.apache.org%3E
Mailing List x_refsource_misc
https://lists.apache.org/thread.html/ra3e90712f2d59f8cef03fa796f5adf163d32b81fe7b95385f21790e6%40%3Cnotifications.zookeeper.apache.org%3E
Mailing List x_refsource_misc
https://lists.apache.org/thread.html/r4accb2e0de9679174efd3d113a059bab71ff3ec53e882790d21c1cc1%40%3Cnotifications.zookeeper.apache.org%3E
Mailing List x_refsource_misc
https://lists.apache.org/thread.html/rc0d5d0f72da1ed6fc5e438b1ddb3fa090c73006b55f873cf845375ab%40%3Cnotifications.zookeeper.apache.org%3E
Mailing List mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
Patch, Third Party Advisory x_refsource_misc
https://www.oracle.com/security-alerts/cpuoct2020.html
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20200904-0006/
Patch, Third Party Advisory x_refsource_misc
https://www.oracle.com/security-alerts/cpujan2021.html
Patch, Third Party Advisory x_refsource_misc
https://www.oracle.com/security-alerts/cpuoct2021.html
Scores
CVSS v3
9.8
EPSS
0.3826
EPSS Percentile
97.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
VulnCheck KEV
2025-06-23
CWE
CWE-502
Status
published
Products (29)
com.fasterxml.jackson.core/jackson-databind
2.9.0 - 2.9.10.4Maven
debian/debian_linux
8.0
fasterxml/jackson-databind
2.0.0 - 2.7.9.7
netapp/active_iq_unified_manager
7.3 (2 CPE variants)
netapp/active_iq_unified_manager
9.5
oracle/autovue_for_agile_product_lifecycle_management
21.0.2
oracle/banking_platform
2.4.0 - 2.9.0
oracle/communications_contacts_server
8.0.0.4.0
oracle/communications_evolved_communications_application_server
7.1
oracle/communications_instant_messaging_server
10.0.1.4.0
... and 19 more
Published
Mar 02, 2020
Tracked Since
Feb 18, 2026