{"vulnerability": "CVE-2016-4437", "sightings": [{"uuid": "d3d8f2a9-551d-4d0b-a471-1f2f2840ea02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-4437", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "c7667043-3f51-4ea1-a14c-6ba06ddb7df9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-4437", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:16.000000Z"}, {"uuid": "d6c1ca47-84c9-4085-9431-4576173745af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-4437", "type": "exploited", "source": "https://www.exploit-db.com/exploits/48410", "content": "", "creation_timestamp": "2020-05-01T00:00:00.000000Z"}, {"uuid": "fdf73a2a-7b4b-47d8-85be-3c9ea2331d70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-4437", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971154", "content": "", "creation_timestamp": "2024-12-24T20:25:03.191336Z"}, {"uuid": "5e331303-3611-40fb-b5d9-fa827aa9c35f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-4437", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:42.000000Z"}, {"uuid": "db3926ca-88ca-46d2-b2a2-670e99c385bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-4437", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:09:47.000000Z"}, {"uuid": "dd91be07-c46e-4d6f-80e9-5e754e5ee42a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-4437", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:38.000000Z"}, {"uuid": "d01b32cc-5555-4496-a933-fc249c2b8990", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-4437", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2647", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1a\u53cd\u5e8f\u5217\u5316\n\u63cf\u8ff0\uff1a\u4e00\u4e2a\u9488\u5bf9shiro\u53cd\u5e8f\u5217\u5316\u6f0f\u6d1e(CVE-2016-4437)\u7684\u5feb\u901f\u5229\u7528\u5de5\u5177/A simple tool targeted at shiro framework attacks with ysoserial.\nURL\uff1ahttps://github.com/4nth0ny1130/shisoserial\n\n\u6807\u7b7e\uff1a#\u53cd\u5e8f\u5217\u5316", "creation_timestamp": "2022-07-06T02:38:13.000000Z"}, {"uuid": "b42a58f8-5183-4e4c-863b-e8c9722b7253", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-4437", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/shiro_rememberme_v124_deserialize.rb", "content": "", "creation_timestamp": "2020-04-28T19:46:19.000000Z"}, {"uuid": "bbde8f01-b63a-4b50-87f5-0c00b517c372", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2016-4437", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/3dd0fd7e-5f32-4d1d-9f44-a1a29343d841", "content": "", "creation_timestamp": "2026-02-02T12:28:35.380057Z"}, {"uuid": "aacc9e17-beb2-4c03-a45f-3ea4f4b549d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-4437", "type": "seen", "source": "https://t.me/arpsyndicate/1302", "content": "#ExploitObserverAlert\n\nCVE-2016-4437\n\nDESCRIPTION: Exploit Observer has 64 entries related to CVE-2016-4437. Apache Shiro before 1.2.5, when a cipher key has not been configured for the \"remember me\" feature, allows remote attackers to execute arbitrary code or bypass intended access restrictions via an unspecified request parameter.\n\nFIRST-EPSS: 0.975070000\nNVD-IS: 5.9\nNVD-ES: 2.2", "creation_timestamp": "2023-12-04T20:52:38.000000Z"}, {"uuid": "057a77f7-4695-4ec5-84c0-7983b760f975", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-4437", "type": "published-proof-of-concept", "source": "https://t.me/pwnwiki_zhchannel/80", "content": "CVE-2016-4437 Shiro\u53cd\u5e8f\u5217\u5316\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=Z9bU8v", "creation_timestamp": "2021-09-21T06:42:52.000000Z"}, {"uuid": "2d99a8a0-f5b2-4abe-a396-fa6803b51217", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-4437", "type": "seen", "source": "https://t.me/cibsecurity/40174", "content": "\u203c CVE-2020-19229 \u203c\n\nJeesite 1.2.7 uses the apache shiro version 1.2.3 affected by CVE-2016-4437. Because of this version of the java deserialization vulnerability, an attacker could exploit the vulnerability to execute arbitrary commands via the rememberMe parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-05T20:28:55.000000Z"}, {"uuid": "6c1c6f94-e8d7-4610-b492-3e1dcbde9dd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-4437", "type": "seen", "source": "https://t.me/VulnerabilityNews/27461", "content": "Jeesite 1.2.7 uses the apache shiro version 1.2.3 affected by CVE-2016-4437. Because of this version of the java deserialization vulnerability, an attacker could exploit the vulnerability to execute arbitrary commands via the rememberMe parameter.\nPublished at: April 05, 2022 at 06:15PM\nView on website", "creation_timestamp": "2022-04-05T20:42:26.000000Z"}]}