CVE-2023-26360 - Adobe ColdFusion Deserialization of Untrusted Data Vulnerability

漏洞名称

Adobe ColdFusion Deserialization of Untrusted Data Vulnerability

描述

Adobe ColdFusion contains a deserialization of untrusted data vulnerability that allows for remote code execution.

已知用于勒索软件活动吗？

Unknown

采集行动

Apply updates per vendor instructions.

其他说明

https://helpx.adobe.com/security/products/coldfusion/apsb23-25.html

https://nvd.nist.gov/vuln/detail/CVE-2023-26360

相关新闻文章

Adobe warns of critical ColdFusion bug with PoC exploit codeDecember 23, 2024

Chinese-Speaking Hacker Group Targets Human Rights Studies in Middle EastSeptember 5, 2024

Hackers use PoC exploits in attacks 22 minutes after releaseJuly 13, 2024

相关 CWE

CWE-284