3 matches found
CVE-2022-27873
An attacker can force the victim’s device to perform arbitrary HTTP requests in WAN through a malicious SVG file being parsed by Autodesk Fusion 360’s document parser. The vulnerability exists in the application’s ‘Insert SVG’ procedure. An attacker can also leverage this vulnerability to obtain...
CVE-2022-27873
CVE-2022-27873 affects Autodesk Fusion 360 through the document parser’s Insert SVG pathway. The affected component is the SVG insertion logic in Fusion 360, which can cause the application to initiate arbitrary HTTP requests and potentially disclose the victim’s public IP (and possibly other inf...
macOS Autodesk Fusion 360 < 2.0.12888 XXE (adsk-sa-2022-0013)
The version of Autodesk Fusion 360 installed on the remote macOS or Mac OS X host is prior to 2.0.12888. It is, therefore, affected by an XML external entity XXE vulnerability that can cause a victim to perform arbitrary HTTP requests when parsing a malicious SVG file. An unauthenticated, remote...