Vulnerabilities > CVE-2020-7961 - Deserialization of Untrusted Data vulnerability in Liferay Portal

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
liferay
CWE-502
exploit available
metasploit
NVD
Published: 2020-03-20
Updated: 2021-01-30

Summary

Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services (JSONWS).

Vulnerable Configurations

Part Description Count
Application
Liferay
26

Common Weakness Enumeration (CWE)

Exploit-Db

idEDB-ID:48332
last seen2020-04-16
modified2020-04-16
published2020-04-16
reporterExploit-DB
sourcehttps://www.exploit-db.com/download/48332
titleLiferay Portal - Java Unmarshalling via JSONWS RCE (Metasploit)

Metasploit

descriptionThis module exploits a Java unmarshalling vulnerability via JSONWS in Liferay Portal versions < 6.2.5 GA6, 7.0.6 GA7, 7.1.3 GA4, and 7.2.1 GA2 to execute code as the Liferay user. Tested against 7.2.0 GA1.
idMSF:EXPLOIT/MULTI/HTTP/LIFERAY_JAVA_UNMARSHALLING
last seen2020-06-14
modified2020-04-22
published2020-04-08
references
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/multi/http/liferay_java_unmarshalling.rb
titleLiferay Portal Java Unmarshalling via JSONWS RCE

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/157254/liferay_java_unmarshalling.rb.txt
idPACKETSTORM:157254
last seen2020-04-20
published2020-04-15
reporterMarkus Wulftange
sourcehttps://packetstormsecurity.com/files/157254/Liferay-Portal-Java-Unmarshalling-Remote-Code-Execution.html
titleLiferay Portal Java Unmarshalling Remote Code Execution

References