Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2024-28213

Published: 07/03/2024 Updated: 07/03/2024

Vulnerability Summary

nGrinder prior to 3.5.9 allows to accept serialized Java objects from unauthenticated users, which could allow remote malicious user to execute arbitrary code via unsafe Java objects deserialization.

Github Repositories

https://github.com/0x1x02/CVE-2024-28213

Here's a brief description of CVE-2024-28213: "CVE-2024-28213 is a critical vulnerability affecting versions prior to 3.5.9 of nGrinder. It allows unauthenticated users to send serialized Java objects to the application, potentially leading to the execution of arbitrary code through unsafe Java object deserialization.

CVE-2024-28213 Vulnerability Description nGrinder version prior to 359 is vulnerable to a critical security issue, CVE-2024-28213 This vulnerability allows unauthenticated users to send serialized Java objects to the application, potentially enabling a remote attacker to execute arbitrary code through unsafe Java object deserialization Vulnerability Details CVE ID: CVE-202

References

https://cve.naver.com/detail/cve-2024-28213.htmlhttps://nvd.nist.govhttps://github.com/0x1x02/CVE-2024-28213
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypassCVE-2024-30051remoteCVE-2024-27954CVE-2023-51483CVE-2023-47782SSRFCVE-2024-24715CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook