疑似Oday
Detected JBoss JMX Console was accessible without authentication. The exposed console provided complete access to all MBeans, including MainDeployer, which enabled arbitrary WAR file deployment, leading to remote code execution. Attackers could view the entire MBean tree, deploy malicious applications, and invoke administrative operations without valid credentials.
id: jboss-jmx-console-unauth
info:
name: JBoss JMX Console - Unauthenticated Access
author: 0x_
...