CVE-2021-27852 - Checkbox Survey Deserialization of Untrusted Data Vulnerability
Project:Checkbox
Product:Checkbox Survey
Date Added:2022-04-11Due Date:2022-05-02
Vulnerability Name
Checkbox Survey Deserialization of Untrusted Data Vulnerability
Description
Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute arbitrary code.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Versions 6 and earlier for this product are end-of-life and must be removed from agency networks. Versions 7 and later are not considered vulnerable.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-27852