Vulnerabilities (CVE)

Filtered by vendor Aca Subscribe
Filtered by product Assuweb
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-3160 1 Aca 1 Assuweb 2024-11-21 7.5 HIGH 9.8 CRITICAL
Deserialization of untrusted data in the login page of ASSUWEB 359.3 build 1 subcomponent of ACA ASSUREX RENTES product allows a remote attacker to inject unsecure serialized Java object using a specially crafted HTTP request, resulting in an unauthenticated remote code execution on the server.