JOIN BREACHFORUMS TELEGRAM
Liferay TunnelServlet Deserialization Remote Code Execution
by darkspeed - Thursday March 13, 2025 at 01:14 AM
Advanced User

Posts: 79
Threads: 4
Joined: Jan 2024
Reputation: 0
#1
Mar 13, 2025, 01:14 AM
Affected Versions:
  • Liferay Portal CE: 7.0 GA3, 7.0.1 GA2, 7.0.2 GA3
  • Liferay Portal EE: 6.0, 6.0 SP1, 6.0 SP2, 6.1 GA1, 6.1 GA2, 6.1 GA3, 6.2
Bypass Technique:
  • Filter Bypass:
    • ////api///////liferay
    • ///api///////spring
    • Nginx Forwarding Fails:
      /#/../api/liferay
PoC Exploit Code:
Hidden Content
You must register or login to view this content.
Reply
Advanced User

Posts: 59
Threads: 6
Joined: Sep 2024
Reputation: 0
#2
Mar 13, 2025, 02:06 AM
(Mar 13, 2025, 01:14 AM)darkspeed Wrote: Affected Versions:
  • Liferay Portal CE: 7.0 GA3, 7.0.1 GA2, 7.0.2 GA3
  • Liferay Portal EE: 6.0, 6.0 SP1, 6.0 SP2, 6.1 GA1, 6.1 GA2, 6.1 GA3, 6.2
Bypass Technique:
  • Filter Bypass:
    • ////api///////liferay
    • ///api///////spring
    • Nginx Forwarding Fails:
      /#/../api/liferay
PoC Exploit Code:
.......................
Reply
Advanced User

Posts: 103
Threads: 18
Joined: Nov 2023
Reputation: 31
#3
Mar 13, 2025, 06:17 AM
(Mar 13, 2025, 01:14 AM)darkspeed Wrote: Affected Versions:
  • Liferay Portal CE: 7.0 GA3, 7.0.1 GA2, 7.0.2 GA3
  • Liferay Portal EE: 6.0, 6.0 SP1, 6.0 SP2, 6.1 GA1, 6.1 GA2, 6.1 GA3, 6.2
Bypass Technique:
  • Filter Bypass:
    • ////api///////liferay
    • ///api///////spring
    • Nginx Forwarding Fails:
      /#/../api/liferay
PoC Exploit Code:

Thanks for sharing...will try this shit out...
Reply
Breached
Member
Posts: 3
Threads: 0
Joined: Mar 2025
Reputation: 0
#4
Mar 13, 2025, 06:52 AM
(Mar 13, 2025, 01:14 AM)darkspeed Wrote: Affected Versions:
  • Liferay Portal CE: 7.0 GA3, 7.0.1 GA2, 7.0.2 GA3
  • Liferay Portal EE: 6.0, 6.0 SP1, 6.0 SP2, 6.1 GA1, 6.1 GA2, 6.1 GA3, 6.2
Bypass Technique:
  • Filter Bypass:
    • ////api///////liferay
    • ///api///////spring
    • Nginx Forwarding Fails:
      /#/../api/liferay
PoC Exploit Code:


tttttthanks for your poc
Reply
Advanced User

Posts: 79
Threads: 4
Joined: Jan 2024
Reputation: 0
#5
Mar 14, 2025, 08:18 AM
(Mar 13, 2025, 06:17 AM)Banuk Wrote: Thanks for sharing...will try this shit out...

yeah I found a docker image for liferay 6.1, could be easy for you to build the environment
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  new wordpress website takeover vuln (video + poc ) zinzeur 313 27,762 8 hours ago
Last Post: Usercomplex
  {SECRET} DATABASE OF EXPLOITS lulagain 429 24,724 Yesterday, 08:54 PM
Last Post: Yjuddur
  Google Dorks for finding SQL injection vulnerabilities and other security issues 1yush 66 2,943 Yesterday, 08:51 PM
Last Post: Yjuddur
  Acunetix Premium Cracked v24 Full Activated A3g00n 22 1,329 Yesterday, 09:22 AM
Last Post: Usercomplex
  CVE-2024-32002 RCE PoC HA_twck 1 379 Apr 24, 2026, 05:13 AM
Last Post: p2wnz_bontensec

Forum Jump:


 Users browsing this forum: 1 Guest(s)