Vulnerability — CVE-2021-23758

CVE-2021-23758

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2021-23758
Description:: All versions of package ajaxpro.2 are vulnerable to Deserialization of Untrusted Data due to the possibility of deserialization of arbitrary .NET classes, which can be abused to gain remote code execution.
Last updated date:: 11/14/2023

Type:: exploit
Confidence:: HIGH
Date of publishing:: 12/15/2021
Reference url to background: https://github.com/numanturle/CVE-2021-23758-POC

Type:: exploit
Confidence:: HIGH
Date of publishing:: 11/03/2023
Reference url to background: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/ajaxpro_deserialization_rce.rb