26 matches found
CVE-2026-26222 DocLink .NET Remoting Unauthenticated Arbitrary File Read/Write RCE
Altec DocLink now maintained by Beyond Limits Inc. version 4.0.336.0 exposes insecure .NET Remoting endpoints over TCP and HTTP/SOAP via Altec.RDCHostService.exe using the ObjectURI "doclinkServer.soap". The service does not require authentication and is vulnerable to unsafe object unmarshalling,...
Calero VeraSMART 代码问题漏洞
Calero VeraSMART is a telephone billing software developed by the American company Calero. Versions of Calero VeraSMART prior to 2022 R1 contained code vulnerabilities. These vulnerabilities stemmed from exposing an unauthenticated .NET Remoting HTTP service, which could allow arbitrary file...
CVE-2025-34414
Entrust Instant Financial Issuance IFI On Premise software formerly referred to as CardWizard versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the Legacy Remoting Service that is enabled by default. The service registers a TCP remoting channel with...
CVE-2025-34395
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service in which an unauthenticated attacker can invoke a method vulnerable to path traversal to read arbitrary files. This vulnerability can be escalated to remote code execution ...
CVE-2025-34414 Entrust Instant Financial Issuance (IFI) Legacy Remoting Service .NET Remoting RCE
Entrust Instant Financial Issuance IFI On Premise software formerly referred to as CardWizard versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the Legacy Remoting Service that is enabled by default. The service registers a TCP remoting channel with...
CVE-2025-34414
Entrust Instant Financial Issuance (IFI) On Premise (CardWizard) versions 5.x, before 6.10.5 and before 6.11.1, contain an insecure .NET Remoting exposure in the Legacy Remoting Service enabled by default. The Legacy Remoting Service registers a TCP remoting channel with SOAP and binary formatter...
Entrust Instant Financial Issuance 代码问题漏洞
Entrust Instant Financial Issuance Entrust Cardwizard is an instant financial card issuance solution from US-based Entrust Corporation. A code issue vulnerability exists in Entrust Instant Financial Issuance version 5.x, versions prior to 6.10.5, and versions prior to 6.11.1, which stems from an...
PT-2025-50149
Name of the Vulnerable Software and Affected Versions Entrust Instant Financial Issuance IFI On Premise software formerly referred to as CardWizard versions 5.x through 6.10.5 and versions prior to 6.11.1 Description The software has an insecure .NET Remoting exposure in the Legacy Remoting...
EUVD-2025-14685
Malicious code in bioql PyPI...
ExploitRemotingService
This is a .NET Remoting Service exploit tool. It is a proof-of-concept PoC exploit for a vulnerability in the .NET Remoting Service. The tool is designed to demonstrate the exploitation of this vulnerability, which allows an attacker to execute arbitrary code on a remote system. The tool consists...
CVE-2025-34489
GFI MailEssentials prior to version 21.8 is vulnerable to a local privilege escalation issue. A local attacker can escalate to NT Authority/SYSTEM by sending a crafted serialized payload to a .NET Remoting Service...
CVE-2025-34489
GFI MailEssentials prior to version 21.8 is vulnerable to a local privilege escalation issue. A local attacker can escalate to NT Authority/SYSTEM by sending a crafted serialized payload to a .NET Remoting Service...
CVE-2025-34489
GFI MailEssentials prior to version 21.8 is vulnerable to a local privilege escalation issue. A local attacker can escalate to NT Authority/SYSTEM by sending a crafted serialized payload to a .NET Remoting Service...
CVE-2025-34489 GFI MailEssentials < 21.8 Local Privilege Escalation
GFI MailEssentials prior to version 21.8 is vulnerable to a local privilege escalation issue. A local attacker can escalate to NT Authority/SYSTEM by sending a crafted serialized payload to a .NET Remoting Service...
CVE-2025-34489 GFI MailEssentials < 21.8 Local Privilege Escalation
GFI MailEssentials prior to version 21.8 is vulnerable to a local privilege escalation issue. A local attacker can escalate to NT Authority/SYSTEM by sending a crafted serialized payload to a .NET Remoting Service...
PT-2025-18105 · Gfi · Gfi Mailessentials
Name of the Vulnerable Software and Affected Versions: GFI MailEssentials versions prior to 21.8 Description: A local privilege escalation issue exists, allowing a local attacker to escalate to NT Authority/SYSTEM by sending a crafted serialized payload to a .NET Remoting Service. Recommendations...
GFI MailEssentials 安全漏洞
GFI MailEssentials is an email security suite from GFI that includes 14 anti-spam filters, 3 anti-virus engines, and malware scanning capabilities. A security vulnerability exists in GFI MailEssentials versions prior to 21.8, which stems from the .NET Remoting Service improperly handling speciall...
Netwrix Auditor < 10.5 Insecure Object Deserialization
The version of Netwrix Auditor installed on the remote Windows host is prior to 10.5. It is, therefore, affected by an insecure object deserialization vulnerability: - Netwrix Auditor is vulnerable to an insecure object deserialization issue that is caused by an unsecured .NET remoting service. A...
New Netwrix Auditor Bug Could Let Attackers Compromise Active Directory Domain
Researchers have disclosed details about a security vulnerability in the Netwrix Auditor application that, if successfully exploited, could lead to arbitrary code execution on affected devices. "Since this service is typically executed with extensive privileges in an Active Directory environment,...
Veritas Enterprise Vault Code Issue Vulnerability (CNVD-2021-95590)
Veritas Enterprise Vault is an enterprise-class file protection, archive automation software from Veritas, Inc. A security vulnerability exists in Veritas Enterprise Vault 14.1.2 and prior versions, where Enterprise Vault applications start multiple services that listen on NET Remoting TCP port t...