Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2023-45146
HistoryOct 18, 2023 - 10:15 p.m.

Remote code execution

2023-10-1822:15:00
PRIOn knowledge base
www.prio-n.com
3
remote code execution
xxl-rpc
netty framework
hessian serialization
attackers
malicious objects
machine takeover

9.8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.6%

JSON

XXL-RPC is a high performance, distributed RPC framework. With it, a TCP server can be set up using the Netty framework and the Hessian serialization mechanism. When such a configuration is used, attackers may be able to connect to the server and provide malicious serialized objects that, once deserialized, force it to execute arbitrary code. This can be abused to take control of the machine the server is running by way of remote code execution. This issue has not been fixed.

CPENameOperatorVersion
xxl-rpcle1.7.0

Related

cvelist 1
osv 1
cve 1
nvd 1
cvelist
cvelist
CVE-2023-45146 Remote code execution in XXL-RPC
2023-10-18 21:56:55
osv
osv
CVE-2023-45146
2023-10-18 22:15:09
cve
cve
CVE-2023-45146
2023-10-18 22:15:09
nvd
nvd
CVE-2023-45146
2023-10-18 22:15:09

9.8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.6%

JSON
Related for PRION:CVE-2023-45146
cvelist1osv1cve1nvd1