Newforma: >> Project Center Security Vulnerabilities
Newforma Info Exchange (NIX) '/UserWeb/Common/MarkupServices.ashx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the customer-configured NIX service account.
CVSS Score
5.9
EPSS Score
0.0
Published
2025-10-09
Newforma Project Center Server through 2023.3.0.32259 allows remote code execution because .NET Remoting is exposed.
CVSS Score
4.9
EPSS Score
0.001
Published
2025-04-28
Page 2