ГлавнаяУязвимости → CVE-2024-28213
9.8критическая

CVE-2024-28213

Описание

nGrinder before 3.5.9 allows to accept serialized Java objects from unauthenticated users, which could allow remote attacker to execute arbitrary code via unsafe Java objects deserialization.

Затрагиваемое ПО
Naver Ngrinder
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://cve.naver.com/detail/cve-2024-28213.htmlhttps://cve.naver.com/detail/cve-2024-28213.html