AI Score
Confidence
High
EPSS
Percentile
9.0%
nGrinder before 3.5.9 allows to accept serialized Java objects from unauthenticated users, which could allow remote attacker to execute arbitrary code via unsafe Java objects deserialization.
cve.naver.com/detail/cve-2024-28213.html
github.com/naver/ngrinder
github.com/naver/ngrinder/commit/85efa4a075354e077a700262ef78e2e9119881bf
nvd.nist.gov/vuln/detail/CVE-2024-28213