CVE-2024-48030

Name of the Vulnerable Software and Affected Versions Telecash Ricaricaweb versions n/a through 2.2

Description A Deserialization of Untrusted Data vulnerability is present in Gabriele Valenti's Telecash Ricaricaweb, allowing Object Injection. This issue affects the specified versions of Telecash Ricaricaweb.

Recommendations For versions n/a through 2.2, consider disabling the deserialization of untrusted data as a temporary workaround until a patch is available. Restrict access to sensitive areas of the application to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.