JBoss vulnerability test | Joachim De Zutter
19th of November 2011, it came to my attention that from IP address the vulnerability of an Apache server running on HTTP port 8080 was tested by requesting /jmx-console/HtmlAdaptor which wasn't present. On unsecure JBoss servers /jmx-console/HtmlAdaptor can be accessed without user authentication which can be exploited by attackers to upload and deploy war files on the server in order to execute arbitrary commands.

Provider: 34SP.com (United Kingdom)