3 matches found
CVE-2023-37286
SmartSoft SmartBPM.NET has a vulnerability of using hard-coded machine key. An unauthenticated remote attacker can use the machine key to send serialized payload to the server to execute arbitrary code and disrupt service...
CVE-2023-37286
SmartSoft SmartBPM.NET has a vulnerability of using hard-coded machine key. An unauthenticated remote attacker can use the machine key to send serialized payload to the server to execute arbitrary code and disrupt service...
CVE-2023-37286
SmartSoft SmartBPM.NET is affected by a vulnerability due to a hard-coded machine key. An unauthenticated remote attacker could use the machine key to send a serialized payload to the server, potentially achieving arbitrary code execution and disrupting service. CVSS 3.1 base score 9.8 (CRITICAL)...