Skip to content

Instantly share code, notes, and snippets.

@fuzzKitty
Created November 17, 2021 14:54
Show Gist options
  • Save fuzzKitty/95106430aa09760ebdcfa6304777f31f to your computer and use it in GitHub Desktop.
Save fuzzKitty/95106430aa09760ebdcfa6304777f31f to your computer and use it in GitHub Desktop.
CVE-2020-23620 - Orlansoft ERP Java Remote Management Interface
Vulnerable Product Version: Orlansoft ERP Java Remote Management Interface - All versions
Vendor: https://orlansoft.com/
Vulnerability Type: CWE-502 - Deserialization of Untrusted Data
Description: The Java Remote Management Interface of all versions of Orlansoft ERP
was discovered to contain a vulnerability due to insecure
deserialization of user-supplied content, which can allow attackers to
execute arbitrary code via a crafted serialized Java object.
Discovered by:
Omri Inbar, Shlomo Ben Yosef, Tal Sheinfeld
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment