197 matches found
CVE-2025-34489 GFI MailEssentials < 21.8 Local Privilege Escalation
GFI MailEssentials prior to version 21.8 is vulnerable to a local privilege escalation issue. A local attacker can escalate to NT Authority/SYSTEM by sending a crafted serialized payload to a .NET Remoting Service...
CVE-2024-32499
Newforma Project Center Server through 2023.3.0.32259 allows remote code execution because .NET Remoting is exposed...
PT-2025-18105 · GFI · GFI MailEssentials
Name of the Vulnerable Software and Affected Versions: GFI MailEssentials versions prior to 21.8 Description: A local privilege escalation issue exists, allowing a local attacker to escalate to NT Authority/SYSTEM by sending a crafted serialized payload to a .NET Remoting Service. Recommendations...
PT-2025-18095 · Newforma · Newforma Project Center Server
Name of the Vulnerable Software and Affected Versions: Newforma Project Center Server versions through 2023.3.0.32259 Description: The issue allows remote code execution because .NET Remoting is exposed. Recommendations: For Newforma Project Center Server versions through 2023.3.0.32259, consider...
CVE-2024-32499
CVE-2024-32499 affects Newforma Project Center Server up to version 2023.3.0.32259, where remote code execution is possible because .NET Remoting is exposed. The connected PT-security entry confirms the vulnerability class and impact, describing that remote code execution can occur via exposed .N...
CVE-2025-3425
The IntelliSpace portal application utilizes .NET Remoting for its functionality. The vulnerability arises from the exploitation of port 755 through the deserialization vulnerability. After analyzing the configuration files, we observed that the server had set the TypeFilterLevel to Full which is...
CVE-2025-3424
The IntelliSpace portal application utilizes .NET Remoting for its functionality. The vulnerability arises from the exploitation of port 755 through the "Object Marshalling" technique, which allows an attacker to read internal files without any authentication. This is possible by crafting specifi...
CVE-2025-3426
We observed that IntelliSpace Portal binaries don’t have any protection mechanisms to prevent reverse engineering. Specifically, the app’s code is not obfuscated, and no measures are in place to protect against decompilation, disassembly, or debugging. As a result, attackers can reverse-enginee...
CVE-2025-3426 Use of default hardcoded credentials
We observed that IntelliSpace Portal binaries don’t have any protection mechanisms to prevent reverse engineering. Specifically, the app’s code is not obfuscated, and no measures are in place to protect against decompilation, disassembly, or debugging. As a result, attackers can reverse-enginee...
CVE-2025-3425 Unauthenticated Remote Code Execution via .NET Deserialization
The IntelliSpace portal application utilizes .NET Remoting for its functionality. The vulnerability arises from the exploitation of port 755 through the deserialization vulnerability. After analyzing the configuration files, we observed that the server had set the TypeFilterLevel to Full which is...
CVE-2025-3424 3.2.1 Arbitrary File Read in insecure .NET Remoting TCP Channel
The IntelliSpace portal application utilizes .NET Remoting for its functionality. The vulnerability arises from the exploitation of port 755 through the "Object Marshalling" technique, which allows an attacker to read internal files without any authentication. This is possible by crafting specifi...
CVE-2025-3424
The CVE-2025-3424 issue affects Philips IntelliSpace Portal (versions 12 and prior) and stems from the .NET Remoting-based access on port 755 via Object Marshalling, enabling an unauthenticated attacker to read internal files by crafting specific Remoting URLs derived from client-side configurati...
CVE-2025-27816
A vulnerability was discovered in the Arctera InfoScale 7.0 through 8.0.2 where a .NET remoting endpoint can be exploited due to the insecure deserialization of potentially untrusted messages. The vulnerability is present in the Windows PluginHost service, which runs on all the servers where...
CVE-2025-27816
CVE-2025-27816 is a vulnerability in Arctera InfoScale 7.0–8.0.2 where insecure deserialization of untrusted messages in a .NET remoting endpoint can be exploited via the Windows Plugin_Host service (used when Disaster Recovery is configured). The DR Wizard-enabled deployment exposes this endpoin...