exploitDog

GHSA-gm82-r7hx-vc9c

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to execute arbitrary code as SYSTEM because of Java deserialization in MvcUtil valueStringToObject.

NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to execute arbitrary code as SYSTEM because of Java deserialization in MvcUtil valueStringToObject.

Ссылки

EPSS

Процентиль: 98%

0.64438

Средний

CVE ID

Дефекты

CWE-502

Связанные уязвимости

CVE-2021-26914

CVSS3: 8.1

nvd

почти 5 лет назад

NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to execute arbitrary code as SYSTEM because of Java deserialization in MvcUtil valueStringToObject.

EPSS

Процентиль: 98%

0.64438

Средний

CVE ID

Дефекты

CWE-502