Remote Code Execution in AjaxNetProfessional
Critical severity
GitHub Reviewed
Published
Dec 16, 2021
to the GitHub Advisory Database
•
Updated Nov 14, 2023
Description
Published by the National Vulnerability Database
Dec 3, 2021
Reviewed
Dec 6, 2021
Published to the GitHub Advisory Database
Dec 16, 2021
Last updated
Nov 14, 2023
All versions of package ajaxpro.2 are vulnerable to Deserialization of Untrusted Data due to the possibility of deserialization of arbitrary .NET classes, which can be abused to gain remote code execution.
References