CVE-2021-3160

CVE-2021-3160

Deserialization of untrusted data in the login page of ASSUWEB 359.3 build 1 subcomponent of ACA ASSUREX RENTES product allows a remote attacker to inject unsecure serialized Java object using a specially crafted HTTP request, resulting in an unauthenticated remote code execution on the server.

Source: CVE-2021-3160

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다