3 matches found
CVE-2022-34268
An issue was discovered in RWS WorldServer before 11.7.3. /clientLogin deserializes Java objects without authentication, leading to command execution on the host...
CVE-2022-34268
creationtimestamp| type| source ---|---|--- 2023-12-25 09:31:15+00:00| seen| https://t.me/ctinow/159169 2023-12-28 05:42:33+00:00| seen| https://t.me/arpsyndicate/2200 2024-01-04 04:21:52+00:00| seen| https://t.me/ctinow/162754 2024-01-19 09:16:27+00:00| seen| https://t.me/ctinow/170107...
CVE-2022-34268
CVE-2022-34268 : RWS WorldServer prior to 11.7.3 contains an insecure deserialization flaw in the /clientLogin endpoint, allowing deserialized Java objects without authentication and resulting in command execution on the host. Affected products/versions: RWS WorldServer before 11.7.3. Impact: hig...