Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Apache Software Foundation | Apache OFBiz | Apache OFBiz 17.12.01 to 17.12.05 | - |
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | None | https://github.com/yumusb/CVE-2021-26295 | POC Details |
| 2 | CVE-2021-26295 Apache OFBiz rmi反序列化POC | https://github.com/rakjong/CVE-2021-26295-Apache-OFBiz | POC Details |
| 3 | CVE-2021-26295 EXP 可成功反弹Shell | https://github.com/dskho/CVE-2021-26295 | POC Details |
| 4 | CVE-2021-26295-POC 利用DNSlog进行CVE-2021-26295的漏洞验证。 使用 poc:将目标放于target.txt后运行python poc.py即可。(Jdk环境需<12,否则ysoserial无法正常生成有效载荷) exp:python exp.py https://baidu.com然后进入命令执行界面(无回显) | https://github.com/coolyin001/CVE-2021-26295-- | POC Details |
| 5 | Apache OFBiz rmi反序列化EXP(CVE-2021-26295) | https://github.com/S0por/CVE-2021-26295-Apache-OFBiz-EXP | POC Details |
| 6 | CVE-2020-9496和CVE-2021-26295利用dnslog批量验证漏洞poc及exp | https://github.com/yuaneuro/ofbiz-poc | POC Details |
| 7 | Apache OFBiz has unsafe deserialization prior to 17.12.06. An unauthenticated attacker can use this vulnerability to successfully take over Apache OFBiz. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-26295.yaml | POC Details |
| 8 | None | https://github.com/Threekiii/Awesome-POC/blob/master/%E5%BC%80%E5%8F%91%E6%A1%86%E6%9E%B6%E6%BC%8F%E6%B4%9E/Apache%20OFBiz%20RMI%20Bypass%20RCE%20CVE-2021-29200.md | POC Details |
| 9 | None | https://github.com/Threekiii/Awesome-POC/blob/master/%E5%BC%80%E5%8F%91%E6%A1%86%E6%9E%B6%E6%BC%8F%E6%B4%9E/Apache%20OFBiz%20RMI%E5%8F%8D%E5%BA%8F%E5%88%97%E5%8C%96%E6%BC%8F%E6%B4%9E%20CVE-2021-26295.md | POC Details |
No public POC found.
Login to generate AI POCNo comments yet