Exploit for Deserialization of Untrusted Data in Sernet Verinice CVE-2021-36981

Name: Exploit for Deserialization of Untrusted Data in Sernet Verinice CVE-2021-36981
Rating: 5 (254 reviews)

2022-04-20 | CVSS 9.0

## https://sploitus.com/exploit?id=4ADAA0CA-280E-5BD2-AD81-ED27AADC1F62
# CVE-2021-36981
Verinice.Pro 1.22.1 Unsafe Java deserialization of untrusted data, leading to Remote Code Execution using C3P0 gadget (authenticated)

PoC code to exploit the deserialization vulnerability.

See https://www.secianus.de/worum-geht-es/aktuelle-meldung/cve-2021-36981-verinicepro-unsafe-java-deserialization and https://verinice.com/en/support/security-advisory