漏洞描述
Spring Boot Jolokia 是一个用于管理和监控 Spring Boot 应用程序的开源库。Jolokia(Java + OSGi + JMX + JSON)是一个为Java应用程序提供远程JMX(Java Management Extensions)访问的框架。Spring Boot Jolokia 存在远程代码漏洞
SpringBoot Actuator Jolokia 远程代码执行漏洞
PoC代码
暂无相关漏洞推荐
- springboot-actuator-unauth: Springboot Actuator Unauth
- POC CVE-2018-1000129: Jolokia 1.3.7 - Cross-Site Scripting
- POC CVE-2018-1000130: Jolokia Agent - JNDI Code Injection
- POC CVE-2021-21234: Spring Boot Actuator Logview Directory Traversal
- POC CVE-2025-34026: Versa Concerto Actuator Endpoint - Authentication Bypass
- POC CVE-2021-21234: Spring Boot Actuator Logview Directory Traversal
- POC hikvision-env: Hikvision Springboot Env Actuator - Detect
- POC jolokia-mbean-search: Jolokia - Searching MBeans
- POC springboot-autoconfig: Detect Springboot autoconfig Actuator
- POC springboot-beans: Detect Springboot Beans Actuator
- POC springboot-caches: Springboot Actuator Caches
- POC springboot-conditions: Detect Springboot Conditions Actuator
- POC springboot-configprops: Detect Springboot Configprops Actuator