2 matches found
CVE-2024-28213
CVE-2024-28213 concerns nGrinder pre-3.5.9, where the application accepts serialized Java objects from unauthenticated users, enabling unsafe Java object deserialization that could lead to remote code execution. Affected software: nGrinder versions before 3.5.9. Root cause: lack of input filterin...
CVE-2024-28213
nGrinder before 3.5.9 allows to accept serialized Java objects from unauthenticated users, which could allow remote attacker to execute arbitrary code via unsafe Java objects deserialization...