Exploit for CVE-2021-46703

CVE-2021-46703 Simple payload builder based on POC in: https:/...

Antaris RazorEngine has an unspecified vulnerability

Antaris RazorEngine is an open source templating engine based on Microsoft's Razor parsing engine from Matthew Abbott, a personal developer in the U.K. Antaris RazorEngine contains a security vulnerability that could be exploited by attackers to execute arbitrary .NET code in a sandboxed...

Remote Code Execution (RCE)

razorengine is vulnerable to remote code execution. The vulnerability exists because it does not sanitize the CAS code access security of an insecure sandboxed environment, allowing an attacker to execute maliciously crafted .NET code into the system...

Code injection in RazorEngine

In the IsolatedRazorEngine component of Antaris RazorEngine through 4.5.1-alpha001, an attacker can execute arbitrary .NET code in a sandboxed environment if users can externally control template contents. NOTE: This vulnerability only affects products that are no longer supported by the maintain...

GHSA-PH3V-2HQ5-5QFQ Code injection in RazorEngine

In the IsolatedRazorEngine component of Antaris RazorEngine through 4.5.1-alpha001, an attacker can execute arbitrary .NET code in a sandboxed environment if users can externally control template contents. NOTE: This vulnerability only affects products that are no longer supported by the maintain...

CVE-2021-46703

In the IsolatedRazorEngine component of Antaris RazorEngine through 4.5.1-alpha001, an attacker can execute arbitrary .NET code in a sandboxed environment if users can externally control template contents. NOTE: This vulnerability only affects products that are no longer supported by the maintain...

CVE-2021-46703

CVE-2021-46703 affects Antaris RazorEngine (IsolatedRazorEngine component) up to version 4.5.1-alpha001. The vulnerability allows an attacker to execute arbitrary .NET code in a sandboxed environment when template contents can be externally controlled, effectively escaping the sandbox. A public e...

CVE-2021-46703

In the IsolatedRazorEngine component of Antaris RazorEngine through 4.5.1-alpha001, an attacker can execute arbitrary .NET code in a sandboxed environment if users can externally control template contents. NOTE: This vulnerability only affects products that are no longer supported by the maintain...

Antaris RazorEngine 安全漏洞

Antaris RazorEngine is an open source templating engine based on Microsoft's Razor parsing engine from Matthew Abbott, a personal developer in the U.K. Antaris RazorEngine contains a security vulnerability that could be exploited by attackers to execute arbitrary .NET code in a sandboxed...

PT-2022-12906 · Antaris · Razorengine

Name of the Vulnerable Software and Affected Versions: Antaris RazorEngine versions through 4.5.1-alpha001 Description: An attacker can execute arbitrary .NET code in a sandboxed environment if users can externally control template contents. This issue affects products that are no longer supporte...