
Liferay Portal - Remote Code Execution CVE-2020-7961

Severity
CVSSv3 Score
9.8
Vulnerability description

Liferay Portal is vulnerable to CVE-2020-7961, a remote code execution vulnerability reachable through the JSON web services (JSONWS) API exposed at /api/jsonws. Multiple service methods behind that endpoint are affected, and the issue is present in Liferay Portal releases prior to 7.2.1 CE GA2 as well as in unpatched DXP builds.

The root cause is the unsafe deserialization of untrusted data: parameters submitted to JSONWS methods are deserialized into Java objects whose class the caller is allowed to choose, so an attacker can instantiate arbitrary classes on the classpath and drive their setters. A remote, unauthenticated attacker can chain this into Java deserialization and a remote class lookup against a host they control, which serves specially crafted Java class files that are loaded and executed on the target.
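A practitioner usually wants a safe, fingerprint-based way to decide whether a host needs attention before touching the JSONWS endpoint at all. The script below is an added example, not Pentest-Tools.com code: it parses the Liferay-Portal response header that Liferay Portal sends, compares Community Edition versions against 7.2.1 CE GA2 (the first CE release carrying the fix, per the NVD entry), and reports DXP builds as needing a fix-pack check because the header does not reveal the fix-pack level. The sample header values are constructed to match the real header format and are not captured from any live host; probe() performs a network request and is provided for use against systems you are authorized to test.

```python
"""Fingerprint-based exposure check for CVE-2020-7961 (Liferay Portal JSONWS).

Added example; not Pentest-Tools.com code. Classifies a host from the
`Liferay-Portal` response header instead of sending any exploit payload.
"""
import re
from typing import Dict, Optional, Tuple
from urllib.error import HTTPError
from urllib.request import Request, urlopen

# Liferay Portal 7.2.1 CE GA2 and later carry the fix (NVD description).
FIXED_CE_VERSION: Tuple[int, int, int] = (7, 2, 1)

# Constructed sample header values, modelled on the real header format.
# Build numbers and dates here are illustrative, not vendor data.
SAMPLE_HEADERS: Dict[str, str] = {
    "ce-7.2.0": "Liferay Community Edition Portal 7.2.0 CE GA1 (Mueller / Build 7200 / June 18, 2019)",
    "ce-7.2.1": "Liferay Community Edition Portal 7.2.1 CE GA2 (Mueller / Build 7201 / November 12, 2019)",
    "ce-6.2": "Liferay Portal Community Edition 6.2 CE GA6 (Newton / Build 6205 / January 5, 2016)",
    "dxp-7.2": "Liferay Digital Experience Platform 7.2.10 GA1 (Mueller / Build 7210 / November 27, 2019)",
}

# "Liferay <product words> <major.minor[.patch]> <release label> (...)"
_HEADER_RE = re.compile(
    r"Liferay\s+(?P<product>.*?)\s+(?P<version>\d+\.\d+(?:\.\d+)?)\s+(?P<label>[^(]*)"
)


def parse_liferay_header(value: Optional[str]) -> Optional[Dict[str, object]]:
    """Split the header into edition, a 3-tuple version and the release label.

    Returns None when the header is absent or does not look like Liferay's.
    Two-component versions such as "6.2" are padded to (6, 2, 0) so that
    tuple comparison against FIXED_CE_VERSION works uniformly.
    """
    if not value:
        return None
    match = _HEADER_RE.search(value)
    if not match:
        return None
    parts = tuple(int(p) for p in match.group("version").split("."))
    version = parts + (0,) * (3 - len(parts))
    product = match.group("product")
    if "Digital Experience" in product or "DXP" in product:
        edition = "DXP"
    elif "Community Edition" in product:
        edition = "CE"
    else:
        edition = "unknown"
    return {"edition": edition, "version": version, "label": match.group("label").strip()}


def assess(info: Optional[Dict[str, object]]) -> str:
    """Classify a parsed header. DXP fix packs are not visible in the version
    number, so those hosts are flagged for a manual fix-pack check rather
    than guessed either way."""
    if info is None:
        return "unknown: no Liferay-Portal header"
    if info["edition"] == "CE":
        return "vulnerable" if info["version"] < FIXED_CE_VERSION else "patched"
    if info["edition"] == "DXP":
        return "verify fix pack"
    return "unknown edition"


def check_header(value: Optional[str]) -> str:
    """Convenience wrapper: raw header value -> classification string."""
    return assess(parse_liferay_header(value))


def probe(base_url: str, timeout: float = 5.0) -> Tuple[int, str]:
    """Fetch /api/jsonws and classify the host from its response header.

    Network call; only run against systems you are authorized to test.
    A 401/403 still carries the header, so HTTPError is handled, not raised.
    """
    req = Request(base_url.rstrip("/") + "/api/jsonws", method="GET")
    try:
        with urlopen(req, timeout=timeout) as resp:
            return resp.status, check_header(resp.headers.get("Liferay-Portal"))
    except HTTPError as err:
        return err.code, check_header(err.headers.get("Liferay-Portal"))


if __name__ == "__main__":
    for name, header in SAMPLE_HEADERS.items():
        print(f"{name:10s} -> {check_header(header)}")
```

The classification is deliberately conservative: a missing header is reported as unknown rather than safe, since reverse proxies often strip it, and a reachable /api/jsonws on an unknown host still warrants follow-up with the vendor's advisory.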

Risk description

A remote, unauthenticated attacker can fully compromise the Liferay server and use it to steal confidential information, deploy ransomware, or pivot into the internal network.

Exploit capabilities

Sniper can gain unauthenticated Remote Code Execution on the target system and extract multiple artefacts as evidence.

Recommendation

Upgrade to Liferay Portal 7.2.1 CE GA2 or later, or apply the corresponding Liferay DXP fix pack. Until the update is deployed, restrict network access to the /api/jsonws endpoint so that it is not reachable by untrusted clients.

Codename
Not available
Detectable with
Network Scanner
Scan engine
Sniper
Exploitable with Sniper
Yes
CVE Published
Mar 20, 2020
Software Type
Enterprise Information Portal
Vendor
Liferay
Product
Portal