A directory traversal vulnerability in the DeploymentFileRepository class in JBoss Application Server allows remote attackers who are able to access the console manager to create files on arbitrary locations of the filesystem. This can be abused to gain execution of arbitrary code by sending special HTTP requests to the JMX Console. This module uploads an arbitrary .JSP file to the target in order to deploy an agent on it.
CVE Link
Product Name