Closed postmodern closed 5 months ago
I'd like to take a swing at this one, if nobody else is working on it.
I forgot to mention (and should probably add a note to the issue template about it), that if you need a vulnerable server to test your PoC against, there's this project called vulhub that provides docker-compose
files for most all of the CVEs for Open Source projects. They even have one for CVE-2023-46604.
Add a PoC exploit for CVE-2023-46604, Apache ActiveMQ deserialization vulnerability.
Reference PoCs
config.xml
file that's hosted at the payload URL).Vuln App
How to Submit a PoC
See the CONTRIBUTING file for instructions on how to submit a PoC exploit.