Description
A remote code execution vulnerability exists in Liferay Portal 6.1 that can be exploited via its JSON web services (JSONWS).
The JSONWS servlet of Liferay Portal uses the flexjson library, which allows a request to instantiate arbitrary classes and invoke arbitrary setter methods on them.
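The defect is the deserializer trusting a caller-supplied type name and reflectively calling whatever setters the payload names. The following is an added illustration (not Liferay's or flexjson's code, written in Python rather than Java for brevity) of the mitigating design: a JSON-to-object deserializer that only resolves type names through a fixed allowlist and only invokes setters that the allowed type actually declares. The `Settings` class, the `class` key convention and the sample documents are constructed for the example.

```python
import json


class Settings:
    """Constructed bean-like type with explicit setters (assumption: the kind
    of object a JSON web service legitimately expects to receive)."""

    def __init__(self):
        self.theme = "default"
        self.page_size = 10

    def set_theme(self, value):
        self.theme = str(value)

    def set_page_size(self, value):
        self.page_size = int(value)


# Only names listed here may be instantiated; a caller cannot name any other class.
ALLOWED_TYPES = {"Settings": Settings}


class UnsafeTypeError(ValueError):
    """Raised when a document names a type or setter outside the allowlist."""


def _build(node):
    if isinstance(node, dict) and "class" in node:
        type_name = node["class"]
        cls = ALLOWED_TYPES.get(type_name)  # allowlist lookup, never a reflective load
        if cls is None:
            raise UnsafeTypeError(f"type not allowed: {type_name}")
        obj = cls()
        for key, value in node.items():
            if key == "class":
                continue
            setter = getattr(cls, f"set_{key}", None)  # only declared setters
            if not callable(setter):
                raise UnsafeTypeError(f"no setter for property: {key}")
            setter(obj, _build(value))
        return obj
    if isinstance(node, dict):
        return {k: _build(v) for k, v in node.items()}
    if isinstance(node, list):
        return [_build(v) for v in node]
    return node


def deserialize(raw: str):
    """Parse a JSON document and build only allowlisted objects from it."""
    return _build(json.loads(raw))


def is_rejected(raw: str) -> bool:
    """True if the document is refused by the allowlist (used by the checks)."""
    try:
        deserialize(raw)
    except UnsafeTypeError:
        return True
    return False
```

A document naming an unlisted type, or a property without a matching setter on the allowed type, is refused before any object is created.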
Remediation
Upgrade to the latest version of Liferay Portal.