CVE-2026-33439 Scanner
CVE-2026-33439 Scanner - Remote Code Execution (RCE) vulnerability in OpenAM
Short Info
Level: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 19 days 5 hours
Scan only one: Domain, Subdomain, IPv4
OpenAM is a widely used access management solution that provides authentication, authorization, and identity services in enterprise environments. Developed by OpenIdentityPlatform, its primary users include large organizations that require centralized access control mechanisms. OpenAM is often integrated into complex network infrastructures to provide comprehensive access security. It supports web and application servers across various platforms, making it a versatile option for cloud and on-prem solutions. As an open-source project, it attracts developers and businesses that benefit from its extensibility and community support.
This scanner detects a significant Remote Code Execution (RCE) vulnerability in OpenAM versions <= 16.0.5. The flaw stems from insecure deserialization of Java objects passed in the jato.clientSession parameter: an attacker who submits a crafted serialized object in that parameter can execute arbitrary commands on the server. The affected endpoint is reachable before authentication, so no credentials are needed to exploit it.
The vulnerability resides in the JATO framework endpoints, particularly when JSP pages with tags are involved. The scanner targets the jato.clientSession parameter to determine whether the backend performs unsafe Java deserialization: it sends a crafted request to the affected endpoint and checks the response for the behaviour that indicates the flaw is present.
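A defender's first question is whether anyone is already sending serialized objects to that parameter. The following detection logic is an added example, not part of this scanner or of OpenAM: it flags access-log lines whose jato.clientSession value base64-decodes to a Java serialization stream (header bytes AC ED 00 05). The log lines, the payload (header plus filler, no object graph) and the /openam/PLACEHOLDER.jsp path are all constructed here.

```python
import base64
import binascii
import re
from urllib.parse import parse_qs, quote, urlsplit

# Java serialization stream header (STREAM_MAGIC 0xACED, STREAM_VERSION 5);
# its base64 form always begins with "rO0AB".
JAVA_STREAM_MAGIC = b"\xac\xed\x00\x05"
PARAM = "jato.clientSession"
LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def decode_candidate(value: str) -> bytes:
    """Base64-decode a parameter value, tolerating missing padding and
    '+' characters that a proxy or log writer turned into spaces."""
    text = value.strip().replace(" ", "+")
    text += "=" * (-len(text) % 4)
    for decoder in (base64.b64decode, base64.urlsafe_b64decode):
        try:
            return decoder(text)
        except (binascii.Error, ValueError):
            continue
    return b""


def is_serialized_java(value: str) -> bool:
    """True if the value decodes to a Java serialization stream."""
    return decode_candidate(value).startswith(JAVA_STREAM_MAGIC)


def session_values(target: str) -> list[str]:
    """All jato.clientSession values in a request target or a form body."""
    query = urlsplit(target).query if "?" in target else target
    return parse_qs(query, keep_blank_values=True).get(PARAM, [])


def flag_log_line(line: str) -> bool:
    """True if the logged request carries a serialized object in the parameter."""
    m = LOG_RE.search(line)
    return bool(m) and any(is_serialized_java(v) for v in session_values(m.group("target")))


def scan_lines(lines: list[str]) -> list[int]:
    """Indexes of log lines that should be escalated for review."""
    return [i for i, line in enumerate(lines) if flag_log_line(line)]


# Constructed samples (not real traffic): line 0 carries the stream header plus filler.
SAMPLE_PAYLOAD = base64.b64encode(JAVA_STREAM_MAGIC + b"constructed-filler").decode()
SAMPLE_LOG_LINES = [
    '10.0.0.5 - - [01/Jan/2026:00:00:00 +0000] "POST /openam/PLACEHOLDER.jsp?'
    f'{PARAM}={quote(SAMPLE_PAYLOAD, safe="")} HTTP/1.1" 200 512',
    '10.0.0.6 - - [01/Jan/2026:00:00:01 +0000] "GET /openam/PLACEHOLDER.jsp?'
    f'{PARAM}=abc123 HTTP/1.1" 200 128',
    '10.0.0.7 - - [01/Jan/2026:00:00:02 +0000] "GET /openam/ HTTP/1.1" 200 64',
]

if __name__ == "__main__":
    print("flagged lines:", scan_lines(SAMPLE_LOG_LINES))  # flagged lines: [0]
```

Feed it your real access logs (or POST bodies from a request-logging proxy) and treat any hit as an exploitation attempt to investigate; the check cannot tell a benign JATO session blob from a malicious one, so pair it with patching to a fixed version.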
If attackers exploit this RCE vulnerability, they can take full control of the affected server and execute commands at will. This creates risks of data theft, system compromise, and lateral movement within the network; organizations may face severe breaches leading to downtime, financial loss, and reputational damage.