Full title: Apache NiFi API Remote Code Execution Exploit 
Category: remote exploits
Platform: multiple
This Metasploit module uses the NiFi API to create an ExecuteProcess processor that will execute OS commands. The API must be unsecured (or credentials provided) and the ExecuteProcess processor must be available. An ExecuteProcessor processor is created then is configured with the payload and started. The processor is then stopped and deleted.

# 0day.today @ http://0day.today/