2

I am trying to understand the CVE-2020-15505 - [RCE on MobileIron MDM]

from some references like: https://blog.orange.tw/2020/09/how-i-hacked-facebook-again-mobileiron-mdm-rce.html

they all start there exploit by using "POST /mifs/.;/services/LogService". my question is, what is the mean of this request?

khadeeja salem
  • 29
  • 1
  • 3

1 Answers1

2

/mifs/ is the webroot of MobileIron
/services/LogService is the vulnerable endpoint of Hessian Deserialization

About the /.;/, you can refer my Breaking Parser Logic research in 2018

Orange Tsai
  • 21
  • 1