H2 RCE via Malicious JDBC Connection String in WSO2 ESB
by Loki - Tuesday July 2, 2024 at 12:41 PM
The God of Stories
Super Moderators
Posts: 2,595
Threads: 65
Joined: Jun 2024
Reputation: 1,818

#1
07-02-2024, 12:41 PM
Found this on Github.
https://github.com/mbadanoiu/WSO2-2021-1...1-1259.pdf
How to find vulnerable servers?
Fofa hunt rule - 
Hidden Content
You must register or login to view this content.
P.S.: The vuln is 2-3months old, so might be best to try timeline around later 2023 / early 2024

Happy hacking  Omnicer
[Image: e47c91a87cc521d1efbd20183b42ee4259c9c593.gifv]
PGP
Reply
Elite User

Posts: 122
Threads: 19
Joined: Sep 2023
Reputation: -381

#2
07-02-2024, 05:11 PM
thanks comrade comissar
Reply
Breached
Member
Posts: 47
Threads: 1
Joined: Jul 2024
Reputation: 0

#3
08-02-2024, 03:49 AM (This post was last modified: 08-02-2024, 03:49 AM by 9CLEAN.)
query search in shodan ?
Reply
Banned

Posts: 38
Threads: 0
Joined: Jan 2025
Reputation: 0

#4
02-18-2025, 04:24 PM
I will open calc.exe on a server with this exploit.
This forum account is currently banned. Ban Length: (Permanent)
Ban Reason: Leeching | http://breachddyfwvcp4kzccos5oxtdbssmfbp...an-Appeals if you feel this is incorrect.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  CVE-2025-40554 - SolarWinds Web Help Desk Auth Bypass & RCE PoC miyako 3 73 02-07-2026, 03:32 PM
Last Post: cysc
  HPE OneView RCE Exploit [CVE-2025-37164] Hawx01 8 261 02-06-2026, 07:08 PM
Last Post: hacker0123
  WordPress LFI to RCE - CVE-2025-0366 Serious 1 457 02-05-2026, 09:53 AM
Last Post: Sammm89
  Outlook CVE-2024-21413 for RCE: Hacking through a letter Loki 53 4,166 01-29-2026, 11:54 AM
Last Post: sergiojames
  Nginx RCE - 2025 - March loganpaul09 9 635 01-05-2026, 06:20 PM
Last Post: Djahid



 Users browsing this thread: