Back to directory

WRITEUP #795

CVE-2023-34040 Spring Kafka Deserialization Remote Code Execution

DeserializationInsecure deserializationRCE

by@pyn3rd(pyn3rd)

Program

VMware (Spring Kafka)

Published

Sep 15, 2023

Added to HackDex

Oct 3, 2023

Read Full Writeuphttps://pyn3rd.github.io/2023/09/15/CVE-2023-34040-Spring-Kafka-Deserialization-Remote-Code-Execution/

▸ RELATED WRITEUPS

Attacking PowerShell CLIXML Deserialization

DeserializationInsecure deserialization

Getting code execution on Veeam through CVE-2023-27532

RCEInsecure deserialization

3 ways to get Remote Code Execution in Kafka UI

RCEInsecure deserialization

Dynamics 365 Business Central - A Journey With Ups and Downs

DeserializationInsecure deserialization

Shelltorch Explained: Multiple Vulnerabilities in Pytorch Model Server (Torchserve) (CVSS 9.9, CVSS 9.8) Walkthrough

Built with ❤️ by Shubham Rawat