Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-36179 PoC — FasterXML jackson-databind 代码问题漏洞

Source
https://github.com/Threekiii/Awesome-POC/blob/master/%E5%BC%80%E5%8F%91%E6%A1%86%E6%9E%B6%E6%BC%8F%E6%B4%9E/Jackson-databind%20SSRF&RCE%20CVE-2020-36179~36182.md
Associated Vulnerability
Title:FasterXML jackson-databind 代码问题漏洞 (CVE-2020-36179)
Description:FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS.
File Snapshot

 # Jackson-databind SSRF&RCE CVE-2020-36179~36182

## 漏洞描述

漏洞类型:JDNI 注入导致 RCE

利用条件:

- 开启 enableDef

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →