Created
November 17, 2021 14:54
-
-
Save fuzzKitty/95106430aa09760ebdcfa6304777f31f to your computer and use it in GitHub Desktop.
CVE-2020-23620 - Orlansoft ERP Java Remote Management Interface
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Vulnerable Product Version: Orlansoft ERP Java Remote Management Interface - All versions | |
| Vendor: https://orlansoft.com/ | |
| Vulnerability Type: CWE-502 - Deserialization of Untrusted Data | |
| Description: The Java Remote Management Interface of all versions of Orlansoft ERP | |
| was discovered to contain a vulnerability due to insecure | |
| deserialization of user-supplied content, which can allow attackers to | |
| execute arbitrary code via a crafted serialized Java object. | |
| Discovered by: | |
| Omri Inbar, Shlomo Ben Yosef, Tal Sheinfeld |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment