CVE-2026-26333 Calero VeraSMART < 2022 R1 .NET Remoting Arbitrary File Read Leading to ViewState RCE

Calero VeraSMART versions prior to 2022 R1 expose an unauthenticated .NET Remoting HTTP service on TCP port 8001. The service publishes default ObjectURIs including EndeavorServer.rem and RemoteFileReceiver.rem and permits the use of SOAP and binary formatters with TypeFilterLevel set to Full. An...

Calero VeraSMART 代码问题漏洞

Calero VeraSMART is a telephone billing software developed by the American company Calero. Versions of Calero VeraSMART prior to 2022 R1 contained code vulnerabilities. These vulnerabilities stemmed from exposing an unauthenticated .NET Remoting HTTP service, which could allow arbitrary file...

Calero VeraSMART 安全漏洞

Calero VeraSMART is a telephone billing software developed by the American company Calero. Versions of Calero VeraSMART prior to 2022 R1 contained security vulnerabilities. These vulnerabilities stemmed from the use of static ASP.NET/IIS machineKey values, which could allow attackers to construct...

Calero VeraSMART 信任管理问题漏洞

Calero VeraSMART is a telephone billing software developed by the American company Calero. Versions of Calero VeraSMART prior to 2026 R1 contained a trust management vulnerability. This vulnerability stemmed from the hardcoded static AES encryption key contained in the Veramark.Framework.dll, whi...