PT-2018-12591 · Redgate · Redgate Smartassembly+1

Soroush Dalili

Published

2018-07-31

Updated

2018-10-05

CVE-2018-14581

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Redgate .NET Reflector versions prior to 10.0.7.774 Redgate SmartAssembly versions prior to 6.12.5

Description The issue allows attackers to execute code by decompiling a compiled .NET object, such as a DLL or EXE file, with a specific embedded resource file.

Recommendations For Redgate .NET Reflector versions prior to 10.0.7.774, update to version 10.0.7.774 or later. For Redgate SmartAssembly versions prior to 6.12.5, update to version 6.12.5 or later.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2018-14581

Affected Products

Redgate .Net Reflector

Redgate Smartassembly

PT-2018-12591 · Redgate · Redgate Smartassembly+1

CVE-2018-14581

Weakness Enumeration

Related Identifiers

Affected Products

References · 5