PT-2022-18658 · Autodesk · Autodesk Fusion 360

Published: 2022-07-29 · Updated: 2022-08-05 · CVE-2022-27873

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Autodesk Fusion 360 (affected versions not specified)

Description: The issue allows an attacker to force a victim's device to perform arbitrary HTTP requests in the WAN through a malicious SVG file parsed by Autodesk Fusion 360's document parser. It occurs in the application's 'Insert SVG' procedure. An attacker can also leverage it to obtain the victim's public IP and possibly other sensitive information.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
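
A pre-import check a defender could run on SVG files before they reach 'Insert SVG', as an added example that is not part of the advisory or Autodesk's code. It assumes the XXE weakness is reached through DTD/entity declarations; flagging remote `href`/`src` attributes goes beyond what the advisory states, and the function names and sample files are constructed.

```python
import re
import xml.etree.ElementTree as ET

# Markup that lets an XML parser fetch or expand content from outside the file.
DTD_RE = re.compile(r"<!\s*(DOCTYPE|ENTITY)\b", re.IGNORECASE)
EXTERNAL_ID_RE = re.compile(r"\b(SYSTEM|PUBLIC)\s+[\"']")
REMOTE_RE = re.compile(r"^\s*(?:[a-z][a-z0-9+.-]*:)?//|^\s*file:", re.IGNORECASE)

# Constructed samples for the check (not taken from the advisory).
CLEAN = b'<svg xmlns="http://www.w3.org/2000/svg"><rect width="1" height="1"/></svg>'
WITH_DTD = (b'<?xml version="1.0"?><!DOCTYPE svg [<!ENTITY e SYSTEM '
            b'"http://collector.example.invalid/x">]><svg>&e;</svg>')
REMOTE_IMG = (b'<svg xmlns="http://www.w3.org/2000/svg" '
              b'xmlns:xlink="http://www.w3.org/1999/xlink">'
              b'<image xlink:href="http://collector.example.invalid/p.png"/></svg>')


def decode(data: bytes) -> str:
    """Decode for scanning; honour a UTF-16 BOM so declarations are not missed."""
    if data[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return data.decode("utf-16", errors="replace")
    return data.decode("utf-8", errors="replace")


def audit_svg(data: bytes) -> list[str]:
    """Return reasons to reject the SVG; an empty list means nothing was found."""
    text = decode(data)
    if DTD_RE.search(text):
        findings = ["dtd-declaration"]
        if EXTERNAL_ID_RE.search(text):
            findings.append("external-identifier")
        return findings  # a file carrying a DTD is never handed to the XML parser
    try:
        root = ET.fromstring(data)
    except ET.ParseError:
        return ["not-well-formed"]
    findings = []
    for elem in root.iter():
        for name, value in elem.attrib.items():
            local = name.rsplit("}", 1)[-1].lower()  # drop the namespace prefix
            if local in ("href", "src") and REMOTE_RE.search(value):
                findings.append(f"remote-reference:{local}")
    return findings
```

Files with any finding can be quarantined or opened only on a host without outbound network access.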

XXE

Weakness Enumeration

Related Identifiers: CVE-2022-27873

Affected Products: Autodesk Fusion 360