Exploit for CVE-2014-3120

  1. Home
  2. Uncategorized
  3. Exploit for CVE-2014-3120

Exploit for CVE-2014-3120

The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search. NOTE: this only violates the vendor's intended security policy if the user does not run Elasticsearch in its own independent virtual machine.

Published: 2014-07-28

CVSS: 8.1

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Download Exploit for CVE-2014-3120 here:

Use Tor Browser to access .onion links.

Check our team here:

https://wednesfieldacademy.com/exploit-60-cve-2024-38821/

https://wednesfieldacademy.com/exploit-838-cve-2023-6932/

https://wednesfieldacademy.com/exploit-3-cve-2025-49554/

https://wednesfieldacademy.com/exploit-940-cve-2022-0004/

Latest News

Follow us on Social Media

Popular Pages

Contact Info

Wednesfield Academy
Lichfield Road
Wednesfield, Wolverhampton
West Midlands
WV11 3ES

T: 01902 558 222

postbox@wednesfieldacademy.co.uk

Monday - Thursday: 8:00 am - 4:00 pm
Friday: 8:00 am - 3:30 pm

Copyright 2026 © All Rights Reserved

 Privacy Notice

CEOP-1

Loading