The cookie rememberMe is encrypted by AES-128-CBC mode, and this can be vulnerable to padding oracle attacks. Attackers can use a vaild rememberMe cookie as the prefix for the Padding Oracle Attack,then make a crafted rememberMe to perform the java deserilization attack like
Steps to reproduce this issue:
- Login in the website and get the rememberMe from the cookie.
- Use the rememberMe cookie as the prefix for Padding Oracle Attack.
- Encrypt a ysoserial's serialization payload to make a crafted rememberMe via Padding Oracle Attack.
- Request the website with the new rememberMe cookie, to perform the deserialization attack.
The attacker doesn't need to know the cipher key of the rememberMe encryption.