Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-VH38-GHX6-VMVG
HistoryMay 03, 2022 - 12:00 a.m.

Code Injection in Masuit.Tools.Core

2022-05-0300:00:46
Google
osv.dev
12
code injection
masuit.tools.core
arbitrary code execution
socketclient
binaryformatter
software

EPSS

0.004

Percentile

73.2%

JSON

All versions of package Masuit.Tools.Core are vulnerable to Arbitrary Code Execution via the ReceiveVarData<T> function in the SocketClient.cs component. The socket client in the package can pass in the payload via the user-controllable input after it has been established, because this socket client transmission does not have the appropriate restrictions or type bindings for the BinaryFormatter.

Related

github 1
cve 1
prion 1
veracode 1
cvelist 1
nvd 1
github
github
Code Injection in Masuit.Tools.Core
2022-05-03 00:00:46
cve
cve
CVE-2022-21167
2022-05-01 16:15:08
prion
prion
Code injection
2022-05-01 16:15:00
veracode
veracode
Arbitrary Code Execution
2022-05-06 15:07:56
cvelist
cvelist
CVE-2022-21167 Arbitrary Code Execution
2022-05-01 15:30:17
nvd
nvd
CVE-2022-21167
2022-05-01 16:15:08

EPSS

0.004

Percentile

73.2%

JSON
Related for OSV:GHSA-VH38-GHX6-VMVG
github1cve1prion1veracode1cvelist1nvd1