Skip to content

Instantly share code, notes, and snippets.

@fuzzKitty
Created November 17, 2021 14:57
Show Gist options
  • Save fuzzKitty/dd1c6fac4f36e70ea64814732726aaea to your computer and use it in GitHub Desktop.
Save fuzzKitty/dd1c6fac4f36e70ea64814732726aaea to your computer and use it in GitHub Desktop.
CVE-2020-23621 - SVI MS Java Remote Management Interface
Vulnerable Product Version: SVI MS Management System - All versions
Vendor: https://www.squire-technologies.co.uk/
Vulnerability Type: CWE-502 - Deserialization of Untrusted Data
Description: The Java Remote Management Interface of all versions of SVI MS
Management System was discovered to contain a vulnerability due to
insecure deserialization of user-supplied content, which can allow
attackers to execute arbitrary code via a crafted serialized Java
object.
Discovered by:
Omri Inbar, Shlomo Ben Yosef, Tal Sheinfeld
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment