Description
The AMF unmarshallers in Red5 Media Server before 1.0.8 do not restrict the classes for which they perform deserialization, which allows remote attackers to execute arbitrary code via crafted serialized Java data.
Remediation
References
http://www.openwall.com/lists/oss-security/2017/05/22/2
https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true
Related Vulnerabilities
CVE-2020-28452 Vulnerability in maven package com.softwaremill.akka-http-session:core_2.13
CVE-2021-3461 Vulnerability in maven package org.keycloak:keycloak-services
CVE-2022-24999 Vulnerability in npm package express
CVE-2020-35491 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind