CVE-2021-33790

CVE-2021-33790

The RebornCore library before 4.7.3 allows remote code execution because it deserializes untrusted data in ObjectInputStream.readObject as part of reborncore.common.network.ExtendedPacketBuffer. An attacker can instantiate any class on the classpath with any data. A class usable for exploitation might or might not be present, depending on what Minecraft modifications are installed.

Source: CVE-2021-33790

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다