CVE-2023-29492 - Novi Survey Insecure Deserialization Vulnerability

: Novi Survey | Novi Survey

Date Added:
2023-04-13

Due Date:
2023-05-04

Vulnerability Name: Novi Survey Insecure Deserialization Vulnerability

Description: Novi Survey contains an insecure deserialization vulnerability that allows remote attackers to execute code on the server in the context of the service account.

Known To Be Used in Ransomware Campaigns?: Unknown

Action: Apply updates per vendor instructions.

Additional Notes: https://novisurvey.net/blog/novi-survey-security-advisory-apr-2023.aspx; https://nvd.nist.gov/vuln/detail/CVE-2023-29492

Free online web security scanner

Don't show website scan report rating on the leaderboard