mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
895 B
895 B
CVE-2022-0749
Description
This affects all versions of package SinGooCMS.Utility. The socket client in the package can pass in the payload via the user-controllable input after it has been established, because this socket client transmission does not have the appropriate restrictions or type bindings for the BinaryFormatter.
POC
Reference
- https://github.com/SinGooCMS/SinGooCMSUtility/issues/1
- https://snyk.io/vuln/SNYK-DOTNET-SINGOOCMSUTILITY-2312979
Github
No PoCs found on GitHub currently.