JDK CVE-2023-21939## JDK CVE-2023-21939
[文章链接](https://mp.weixin.qq.com/s?__biz=MzkzOTQzOTE1NQ==&mid=2247483750&idx=1&sn=12a793075d0a8713bbfb4341b3591628&chksm=c2f1a43af5862d2cc898be9e4b43b24d24b29173501d3c10d812a8fcb7dd25d858e3095969ea#rd)
This is JDK CVE-2023-21939
Use JDK version lower than 8u371
### JDK + Apache XML Graphics
```xml
<dependency>
<groupId>org.apache.xmlgraphics</groupId>
<artifactId>batik-swing</artifactId>
<version>1.15</version>
</dependency>
```
How to reproduce this RCE:
(1) Run XmlServer.java
(2) Run JarServer.java
(3) Run JarRCE.java for Test and successfully RCE
Screenshot:
### JDK + Apache XML Graphics + Mozilla Rhino
```xml
<dependency>
<groupId>org.apache.xmlgraphics</groupId>
<artifactId>batik-swing</artifactId>
<version>1.15</version>
</dependency>
<dependency>
<groupId>org.mozilla</groupId>
<artifactId>rhino</artifactId>
<version>1.7.10</version>
</dependency>
```
How to reproduce this RCE:
(1) Run XmlServer.java
(2) Run JSRCE.java for Test and successfully RCE
Screenshot:
[4.0K] /data/pocs/d59f0107779e203f20d028777b2da24033f22a97
├── [4.0K] imgs
│ ├── [ 53K] 001.png
│ └── [ 60K] 002.png
├── [1.1K] pom.xml
├── [1.1K] README.md
└── [4.0K] src
└── [4.0K] main
├── [4.0K] java
│ ├── [ 766] Exploit.java
│ └── [4.0K] me
│ └── [4.0K] n1ar4
│ ├── [4.0K] exploit
│ │ ├── [ 869] JarRCE.java
│ │ ├── [ 867] JSRCE.java
│ │ └── [ 718] SerUtil.java
│ ├── [1.8K] JarServer.java
│ ├── [ 649] Main.java
│ └── [2.5K] XmlServer.java
└── [4.0K] resources
└── [1.6K] exploit.jar
8 directories, 12 files