Exploit for Improper Input Validation in Apache Log4J CVE-2021-44228

Name: Exploit for Improper Input Validation in Apache Log4J CVE-2021-44228
Rating: 5 (203 reviews)

2021-12-12 | CVSS 9.3

## https://sploitus.com/exploit?id=94E003E0-82AE-5CFE-8818-DBA1610BDE3B
# CVE-2021-44228 in Minecraft
- Java 16
- Paper server build #397
- Minecraft 1.17.1

# Exploitation
In Java 16 only deserialization attacks work by default using log4j. To exploit this there needs to be a vulnerable serializable class in the classpath.
In the current state of this repository the server will only send a serialized string object. If you found a vulnerable serializable class feel free to create a pull request.