CVE-2021-21783

Name of the Vulnerable Software and Affected Versions gSOAP version 2.8.107

Description The issue is related to an integer overflow in the WS-Addressing plugin of the gSOAP software when processing SOAP requests. This can be exploited by a remote attacker to execute arbitrary code by sending specially crafted HTTP requests. The vulnerability can be triggered by sending a crafted SOAP request, allowing an attacker to execute code remotely.

Recommendations For gSOAP version 2.8.107, consider disabling the WS-Addressing plugin functionality until a patch is available to prevent potential exploitation. Restrict access to the SOAP request handling module to minimize the risk of remote code execution. Avoid using the vulnerable WS-Addressing plugin until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.