8 matches found
Code Injection in Masuit.Tools.Core
All versions of package Masuit.Tools.Core are vulnerable to Arbitrary Code Execution via the ReceiveVarData function in the SocketClient.cs component. The socket client in the package can pass in the payload via the user-controllable input after it has been established, because this socket client...
GHSA-VH38-GHX6-VMVG Code Injection in Masuit.Tools.Core
All versions of package Masuit.Tools.Core are vulnerable to Arbitrary Code Execution via the ReceiveVarData function in the SocketClient.cs component. The socket client in the package can pass in the payload via the user-controllable input after it has been established, because this socket client...
CVE-2022-21167
All versions of package masuit.tools.core are vulnerable to Arbitrary Code Execution via the ReceiveVarData function in the SocketClient.cs component. The socket client in the package can pass in the payload via the user-controllable input after it has been established, because this socket client...
Code injection
All versions of package masuit.tools.core are vulnerable to Arbitrary Code Execution via the ReceiveVarData function in the SocketClient.cs component. The socket client in the package can pass in the payload via the user-controllable input after it has been established, because this socket client...
CVE-2022-21167
CVE-2022-21167 affects Masuit.Tools.Core (and related Masuit.Tools packages) with Arbitrary Code Execution via the ReceiveVarData function in SocketClient.cs. All versions are reported vulnerable due to inadequate restrictions/type bindings for BinaryFormatter during deserialization of user-contr...
CVE-2022-21167 Arbitrary Code Execution
All versions of package masuit.tools.core are vulnerable to Arbitrary Code Execution via the ReceiveVarData function in the SocketClient.cs component. The socket client in the package can pass in the payload via the user-controllable input after it has been established, because this socket client...
CVE-2022-21167
All versions of package masuit.tools.core are vulnerable to Arbitrary Code Execution via the ReceiveVarData function in the SocketClient.cs component. The socket client in the package can pass in the payload via the user-controllable input after it has been established, because this socket client...
PT-2022-14896 · Unknown · Masuit.Tools.Core
Name of the Vulnerable Software and Affected Versions: Masuit.Tools.Core versions all Description: The issue concerns Arbitrary Code Execution via the ReceiveVarData function in the SocketClient.cs component. This occurs because the socket client transmission lacks appropriate restrictions or typ...