This whitepaper discusses highlights of findings related to remote code execution leveraging JMX/RMI.
You can download it from the following link: https://packetstormsecurity.com/files/download/152234/JMXRMI_RedTimmySec.pdf
Source: https://packetstormsecurity.com/files/152234/JMX-RMI-Multiple-Applications-RCE.html