3 matches found
CVE-2023-48886
A deserialization vulnerability in NettyRpc v1.2 allows attackers to execute arbitrary commands via sending a crafted RPC request...
Deserialization of untrusted data
A deserialization vulnerability in NettyRpc v1.2 allows attackers to execute arbitrary commands via sending a crafted RPC request...
CVE-2023-48886
Summary: CVE-2023-48886 targets NettyRpc v1.2 with a deserialization vulnerability that enables remote arbitrary command execution via a crafted RPC request. The CVSS v3.1 base score reported is 9.8 (CRITICAL), with network access required and no user interaction. Several connected sources corrob...