Posts in:

Java

Insecure Deserialization: Finding Java Vulnerabilities with QL

Deserialization of untrusted data can lead to vulnerabilities that allow an attacker to execute arbitrary code. We can use QL, the query language of LGTM, to find such deserialization vulnerabilities.

July 02, 2019

SECURITY

OGNL Apache Struts exploit: Weaponizing a sandbox bypass (CVE-2018-11776)

This post reviews various security measures that were implemented in Apache Struts to constrain the power of OGNL, and how to bypass them (up to version 2.5.16).

November 21, 2018

NEWS

Apache Struts 2: Remote Code Execution Vulnerability

A new group of security issues have been discovered for applications developed based on Apache Struts, a popular open source framework for developing web applications used by enterprises globally.

October 04, 2018

Apache Struts double evaluation RCE lottery

October 04, 2018

OGNL injection in Apache Struts: Discovering exploits with taint tracking

September 24, 2018

CVE-2017-8046 exploit: Remote code execution affecting Pivotal Spring projects

March 01, 2018

Spring Data REST exploit (CVE-2017-8046): Finding a RCE vulnerability with QL

March 01, 2018

Android deserialization vulnerabilities: A brief history

February 02, 2018

Castor and Hessian java deserialization vulnerabilities

January 17, 2018

XXE attack example using jBoss vulnerability (jBPM) CVE-2017-7545

This post shows how the out-of-the-box XXE query in LGTM catches an exploitable XXE vulnerability in the JBoss business process manager that is difficult to find using fuzzing or testing.

December 19, 2017

Restlet XXE vulnerability (CVE-2017-14949)

Unsafe parsing of user input XML data in Restlet leads to remote information disclosure by sending a malicious request to applications built using Restlet's REST API. In this post I will explain the details of the vulnerability, how it is found using…

October 17, 2017

Restlet XML External Entity Expansion Vulnerability (CVE-2017-14868)

October 02, 2017

Spring AMQP Exploit (CVE-2017-8045): Remote Code Execution Vulnerability

September 20, 2017

CVE-2017-9805: How QL found a remote code execution vulnerability in Apache Struts

September 05, 2017

Browse all tags

Insecure Deserialization: Finding Java Vulnerabilities with QL

OGNL Apache Struts exploit: Weaponizing a sandbox bypass (CVE-2018-11776)

Apache Struts 2: Remote Code Execution Vulnerability

Apache Struts double evaluation RCE lottery

OGNL injection in Apache Struts: Discovering exploits with taint tracking

CVE-2017-8046 exploit: Remote code execution affecting Pivotal Spring projects

Spring Data REST exploit (CVE-2017-8046): Finding a RCE vulnerability with QL

Android deserialization vulnerabilities: A brief history

Castor and Hessian java deserialization vulnerabilities

XXE attack example using jBoss vulnerability (jBPM) CVE-2017-7545

Restlet XXE vulnerability (CVE-2017-14949)

Restlet XML External Entity Expansion Vulnerability (CVE-2017-14868)

Spring AMQP Exploit (CVE-2017-8045): Remote Code Execution Vulnerability

CVE-2017-9805: How QL found a remote code execution vulnerability in Apache Struts

Join us in securing the software that runs the world!