Remote Code Execution exploit for PrimeFaces 5.x - EL Injection (CVE-2017-1000486)
CVE-2017-1000486
Remote Code Execution exploit for PrimeFaces 5x - EL Injection (CVE-2017-1000486)
This is basically the same exploit made by Mogwailabs, but edited to work in closed environments without access to the internet or with blocked firewall outbound traffic
It gives you results in HTTP response header, so in case you're trying doing blind RCEwith old exploit -