nGrinder before 3.5.9 allows to accept serialized Java objects from unauthenticated users, which could allow remote attacker to execute arbitrary code via unsafe Java objects deserialization.
CVSS
No CVSS.
References
| Link | Resource |
|---|---|
| https://cve.naver.com/detail/cve-2024-28213.html |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: naver
Published: 2024-03-07T04:49:47.237Z
Updated: 2024-03-07T05:44:15.420Z
Reserved: 2024-03-07T02:38:58.221Z
Link: CVE-2024-28213
JSON object: View
NVD Information
Status : Awaiting Analysis
Published: 2024-03-07T05:15:54.710
Modified: 2024-03-07T13:52:27.110
Link: CVE-2024-28213
JSON object: View
Redhat Information
No data.
CWE