Aca: >> Assuweb Security Vulnerabilities
Deserialization of untrusted data in the login page of ASSUWEB 359.3 build 1 subcomponent of ACA ASSUREX RENTES product allows a remote attacker to inject unsecure serialized Java object using a specially crafted HTTP request, resulting in an unauthenticated remote code execution on the server.
CVSS Score
9.8
EPSS Score
0.143
Published
2021-01-28