EMC Data Protection Advisor DPA Illuminator EJBInvokerServlet Remote Code Execution Exploit

This module exploits a remote code execution vulnerability in EMC Data Protection Advisor (DAP). Vulnerable installations of EMC DPA exposes the EJBInvokerServlet invoker servlet which does not require any type of authentication by default on certain profiles and allow remote attackers to invoke MBean methods and execute arbitrary code.
Exploit type: 
Vulnerabilty ID: 
Product Version: 
Released Date: 
Tuesday, April 29, 2014 - 00:00