5 matches found
CVE-2024-13971
Unauthenticated attackers can exploit a weakness in the XML parser functionality of Lobsterpro prior to version 4.12.6-GA. This allows them to obtain read access to files on the application server and adjacent network shares, and perform HTTP GET requests to arbitrary services...
CVE-2024-13971 Arbitrary File Read and Server Side Request Forgery via XML External Entities in Lobster_pro
Unauthenticated attackers can exploit a weakness in the XML parser functionality of Lobsterpro prior to version 4.12.6-GA. This allows them to obtain read access to files on the application server and adjacent network shares, and perform HTTP GET requests to arbitrary services...
EUVD-2024-55563
Unauthenticated attackers can exploit a weakness in the XML parser functionality of Lobsterpro prior to version 4.12.6-GA. This allows them to obtain read access to files on the application server and adjacent network shares, and perform HTTP GET requests to arbitrary services...
PT-2026-36092
Name of the Vulnerable Software and Affected Versions Lobster pro versions prior to 4.12.6-GA Description Unauthenticated attackers can exploit a weakness in the XML parser functionality. This allows for read access to files on the application server and adjacent network shares, as well as the...
Lobster_pro 代码问题漏洞
Lobsterpro is a middleware platform developed by the German company Lobster, used for enterprise data integration and process orchestration. Versions of Lobsterpro prior to 4.12.6-GA contained code vulnerabilities. These vulnerabilities stemmed from weaknesses in the XML parser’s functionality,...