A PoC exploit for the Apache Any23 <=2.5 RCE vulnerability
This project is a PoC exploit for CVE-2021-40146 It will exploit an instance of Any23 <=25 to perform RCE Full blog post here
A Remote Code Execution (RCE) vulnerability exists in the Any23 YAMLExtractor.java file and is known to affect Any23 versions < 2.5. RCE vulnerabilities allow a malicious actor to execute any code of their choice on a remote machine over LAN, WAN, or internet. RCE belongs to the broader class of arbitrary code execution (ACE) vulnerabilities.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache any23 |