{"vulnerability": "CVE-2020-7961", "sightings": [{"uuid": "37040d8e-b344-4173-9b03-cdd920bddf28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7961", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "5c7d28dc-89bf-449d-8b08-2e4e7f530fca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7961", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:18.000000Z"}, {"uuid": "4a61c971-34b3-4e8a-976c-2f8b98589766", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7961", "type": "seen", "source": "MISP/8bf50bb8-94dd-4004-a646-5f78db6f0b6a", "content": "", "creation_timestamp": "2022-07-13T13:02:16.000000Z"}, {"uuid": "842ebe52-5e4c-4368-bc35-3c4d89d442bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7961", "type": "exploited", "source": "https://www.exploit-db.com/exploits/48332", "content": "", "creation_timestamp": "2020-04-16T00:00:00.000000Z"}, {"uuid": "f6fa76e4-93d6-40f2-8381-da9c64988dc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7961", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971052", "content": "", "creation_timestamp": "2024-12-24T20:23:35.326164Z"}, {"uuid": "b72229e0-2fcb-40eb-8b46-cabf8154d9c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7961", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:44.000000Z"}, {"uuid": "e106a6f9-80ed-4609-896c-58fdfac1b75c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7961", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:31.000000Z"}, {"uuid": "43dcc008-3248-42e3-b310-9d088f886939", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7961", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/liferay_java_unmarshalling.rb", "content": "", "creation_timestamp": "2020-04-15T04:46:00.000000Z"}, {"uuid": "ef8dcbaa-fc55-4db3-b12a-859cc08826f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7961", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:49.000000Z"}, {"uuid": "c6207810-458d-42d9-990e-20de83aa1683", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2020-7961", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/617c6eff-8636-45f1-8ba4-a2b6949d071a", "content": "", "creation_timestamp": "2026-02-02T12:28:47.936252Z"}, {"uuid": "918353bc-d3db-4acd-b3b0-f3b4dfaf0305", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2020-7961", "type": "seen", "source": "https://bsky.app/profile/securitycipher.bsky.social/post/3mgdq56gqoy2g", "content": "", "creation_timestamp": "2026-03-05T21:21:50.245154Z"}, {"uuid": "802d4b06-0633-4484-900e-97f44a2d6fdd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7961", "type": "published-proof-of-concept", "source": "https://t.me/Blackhat_Officials/834", "content": "Python cve-2020-7961.py\n\nPython cve-2020-7961.py -f url.txt\n\n\u6267\u884c whoami \u547d\u4ee4 \n\n#py", "creation_timestamp": "2023-11-23T11:23:59.000000Z"}, {"uuid": "9c848fc8-2062-4a04-bcbc-1c3b77b271ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7961", "type": "published-proof-of-concept", "source": "https://github.com/google/tsunami-security-scanner-plugins/tree/master/google/detectors/rce/liferay_portal/cve20207961", "content": "", "creation_timestamp": "2021-02-05T21:43:47.000000Z"}, {"uuid": "7c34cc0a-616b-466f-bf13-65a5a8800011", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7961", "type": "seen", "source": "https://t.me/pwnwiki_zhchannel/662", "content": "CVE-2020-7961 Liferay Portal Json Web Service \u53cd\u5e8f\u5217\u5316\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2020-7961_Liferay_Portal_Json_Web_Service_%E5%8F%8D%E5%BA%8F%E5%88%97%E5%8C%96%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-06-17T00:51:48.000000Z"}, {"uuid": "a70977ce-1c4b-4431-be63-8eb9b6a7116d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7961", "type": "seen", "source": "https://t.me/arpsyndicate/591", "content": "#ExploitObserverAlert\n\nCVE-2020-7961\n\nDESCRIPTION: Exploit Observer has 106 entries related to CVE-2020-7961. Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services (JSONWS).\n\nFIRST-EPSS: 0.973420000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-27T21:23:30.000000Z"}, {"uuid": "4547f838-c3bd-40ab-893b-89d088d7d3f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7961", "type": "seen", "source": "https://t.me/true_secator/2035", "content": "\u200b\u200b\u0410\u0434\u043c\u0438\u043d\u0430\u043c \u043d\u0430 \u0437\u0430\u043c\u0435\u0442\u043a\u0443! \n\n\u0415\u0441\u043b\u0438 \u0432\u044b \u043d\u0435 \u0437\u043d\u0430\u043b\u0438 \u0447\u0435\u043c \u0441\u0435\u0431\u044f \u0437\u0430\u043d\u044f\u0442\u044c \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0438\u0435 \u0431\u0443\u0434\u043d\u0438, \u0442\u043e \u0441\u0430\u043c\u043e\u0435 \u0432\u0440\u0435\u043c\u044f \u043f\u0440\u043e\u0432\u0435\u0441\u0442\u0438 \u0440\u0435\u0432\u0438\u0437\u0438\u044e \u0441\u0435\u0442\u0435\u0439 \u0441\u0432\u043e\u0435\u0439 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043d\u0430\u043b\u0438\u0447\u0438\u044f \u0441\u0430\u043c\u044b\u0445 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Trend Micro \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d \u0430\u0440\u0441\u0435\u043d\u0430\u043b \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u0438\u0437 \u0422\u041e\u041f-15 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Linux:\n\n- CVE-2017-9805: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043b\u0430\u0433\u0438\u043d\u0430 REST \u0434\u043b\u044f Apache Struts 2, XStream RCE.\n- CVE-2018-7600: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Drupal Core RCE.\n- CVE-2020-14750: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Oracle WebLogic Server RCE.\n- CVE-2020-25213: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c RCE \u043f\u043b\u0430\u0433\u0438\u043d\u0430 WordPress File Manager (wp-file-manager).\n- CVE-2020-17496: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c RCE \u0432  \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u0432 vBulletin subwidgetConfig\n- CVE-2020-11651: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0431\u0430\u0433\u043e\u0432 \u0432 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 SaltStack Salt.\n- CVE-2017-12611: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c RCE \u0432 \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0438 OGNL \u0432 Apache Struts.\n- CVE-2017-7657: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0446\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u043c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0434\u043b\u0438\u043d\u044b \u0431\u043b\u043e\u043a\u0430 Eclipse Jetty.\n- CVE-2021-29441: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 Alibaba Nacos AuthFilter.\n- CVE-2020-14179: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Atlassian Jira, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n- CVE-2013-4547: Nginx \u0441\u043e\u0437\u0434\u0430\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0432 \u0441\u0442\u0440\u043e\u043a\u0435 URI.\n- CVE-2019-0230: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Apache Struts 2 RCE.\n- CVE-2018-11776: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c RCE \u0432 \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0438 OGNL \u0432 Apache Struts.\n- CVE-2020-7961: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435\u043d\u0430\u0434\u0435\u0436\u043d\u043e\u0439 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 Liferay Portal.\n\n\u0420\u0430\u0431\u043e\u0442\u043d\u0435\u043c, \u043f\u043e\u0436\u0430\u043b\u0443\u0439.", "creation_timestamp": "2021-08-25T13:22:18.000000Z"}, {"uuid": "a8632cf1-63ae-4e86-806d-e1e65e294fe8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7961", "type": "published-proof-of-concept", "source": "Telegram/bYgGR2Ko8QqgBdBnz2mJdpD0cE5gPnuKPtXHvM2SD_iTQBVU", "content": "", "creation_timestamp": "2022-05-14T20:19:12.000000Z"}, {"uuid": "dc883f87-e901-4325-b02c-7b49f3abd021", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7961", "type": "published-proof-of-concept", "source": "Telegram/_JklJMa5Ti5t7LVROqdFcwMccnlDJksoXS_-FF-ronoHYHCu", "content": "", "creation_timestamp": "2022-05-14T19:49:09.000000Z"}, {"uuid": "0555e93a-1bbd-4283-a106-a70746700aa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7961", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/4056", "content": "POC for Unauthenticated Remote code execution via JSONWS (LPS-97029/CVE-2020-7961) in Liferay 7.2.0 CE GA1 https://github.com/mzer0one/CVE-2020-7961-POC", "creation_timestamp": "2020-03-30T13:40:04.000000Z"}, {"uuid": "2a2da57c-ce4e-4558-80b0-3485f0843c08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7961", "type": "published-proof-of-concept", "source": "https://t.me/hackingtoolsprvi8/2167", "content": "password : 123", "creation_timestamp": "2022-07-16T12:14:45.000000Z"}, {"uuid": "30df318a-952d-46e8-b590-1fd4abcfd7e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7961", "type": "exploited", "source": "https://t.me/hackingtoolsprvi8/2168", "content": "RCE MASS Liferay Portal Unauthenticated RCE cve-2020-7961 (2020)\n\nPython Version : Python3\n\nUsage :\npython3 -m install requests colorama\n\npython3 rce.py urllist.txt ( For a single target )\n\npython3 mass.py urllist.txt ( For a list target )\n\nSaved file to: linux.txt, win.txt\n\nAFTER get Vulnerability site get shell by python shell.py url.com ( vuln scanned by rce )\n\nLink Download : HERE", "creation_timestamp": "2023-09-15T06:35:07.000000Z"}, {"uuid": "d4602890-6341-45dd-bd77-c71f2cc5c53d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7961", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1572", "content": "Python cve-2020-7961.py\n\nPython cve-2020-7961.py -f url.txt\n\n\u6267\u884c whoami \u547d\u4ee4 \n\n#py", "creation_timestamp": "2023-11-25T05:28:53.000000Z"}, {"uuid": "372cd27a-ca4b-47f3-9a17-c76c4023ab18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7961", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/867", "content": "#exploit\n1. CVE-2020-8816:\nPi-hole RCE PoC\nhttps://natedotred.wordpress.com/2020/03/28/cve-2020-8816-pi-hole-remote-code-execution\n\n2. CVE-2020-7961:\nDeserialization of Untrusted Data in Liferay Portal <7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSONWS\nhttps://github.com/mzer0one/CVE-2020-7961-POC\n]-> Generator: https://gist.github.com/testanull/4f8a9305b5b57ab8e7f15bbb0fb93461\n]-> Payload: https://gist.github.com/testanull/4bb77519acf2c8e919f8d9b015eda880\n]-> Debug diary: https://m.facebook.com/notes/nguy%E1%BB%85n-ti%E1%BA%BFn-giang/cve-2020-7961-debug-diary-liferay-deserialization-part-5/2802738799840067", "creation_timestamp": "2024-10-18T16:42:40.000000Z"}, {"uuid": "1d8e989f-64b2-450d-98dc-a40345fd5962", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7961", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2661", "content": "#Analytics\n10 most exploited vulnerabilities of the week (feb 1-7)\nCVE-2020-1350 - Exploit SIGRed/Windows DNS Server RCE\nhttps://t.me/cybersecuritytechnologies/1422\nCVE-2021-3156 - Heap-Based Buffer Overflow in Sudo\nhttps://t.me/cybersecuritytechnologies/2577\nCVE-2020-7961 - Arbitrary code execution via JSONWS\nhttps://t.me/cybersecuritytechnologies/869\nCVE-2021-25646 - Apache Druid <=0.20.1 RCE\nhttps://t.me/cybersecuritytechnologies/2639\nCVE-2020-27932 - A type confusion in MacOS 10.15.7\nhttps://t.me/cybersecuritytechnologies/2383\nCVE-2019-9041 - ZzzCMS RCE\nhttps://mobile.twitter.com/i/web/status/1357931580098899970\nCVE-2021-22122 - XSS vulnerability in FortiWeb\nhttps://vulmon.com/vulnerabilitydetails?qid=CVE-2021-22122\nCVE-2019-5127 - A cmd injection in YouPHPTube Encoder\nhttps://mobile.twitter.com/i/web/status/1357546718821142528\nCVE-2020-17523 - Apache Shiro pathMatches Auth. Bypass\nhttps://t.me/cybersecuritytechnologies/2650", "creation_timestamp": "2024-05-22T06:15:17.000000Z"}]}