PT-2023-27070 · Unknown · Sollace Unicopia
Apple502J
·
Publicado
2023-10-19
·
Atualizado
2023-10-26
·
CVE-2023-39680
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Sollace Unicopia versions 1.1.1 and before
Description
The issue allows attackers to execute arbitrary code due to the deserialization of untrusted data.
Recommendations
For versions 1.1.1 and before, update to a version that does not deserialize untrusted data to prevent arbitrary code execution.
As a temporary workaround, consider restricting the input data to trusted sources until a patch is available.
Correção
Deserialization of Untrusted Data
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Sollace Unicopia