WEB APPLICATION VULNERABILITIES Standard & Premium

Unauthenticated Remote Code Execution via JSONWS in Liferay 6.1 (LPS-88051)

Description

A remote code execution vulnerability exists in Liferay Portal 6.1 that can be exploited via JSON web services (JSONWS).

The JSONWS servlet of Liferay Portal uses flexjson library that allows the instantiation of arbitrary classes and invocation of arbitrary setter methods.

Remediation

Upgrade to the latest version of Liferay Portal.

References

Liferay Portal JSON Web Service RCE Vulnerabilities

CST-7111 RCE via JSON deserialization

Related Vulnerabilities

WordPress Plugin All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Remote Code Execution (4.1.0.1)

ManageEngine Desktop Central Deserialization RCE (CVE-2020-10189)

WordPress Plugin WordPress WP-Advanced-Search Remote Code Execution (3.3.3)

Atlassian Crowd Remote Code Execution

WordPress Plugin VaultPress Man-in-The-Middle (MiTM) Remote Code Execution (1.8.6)

Severity

High

Classification

CWE-78 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

Code Execution