Vulnerability Details : CVE-2021-23758
Public exploit exists!
All versions of package ajaxpro.2 are vulnerable to Deserialization of Untrusted Data due to the possibility of deserialization of arbitrary .NET classes, which can be abused to gain remote code execution.
Vulnerability category: Execute code
Products affected by CVE-2021-23758
- cpe:2.3:a:ajaxpro.2_project:ajaxpro.2:*:*:*:*:*:.net:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-23758
41.18% (probability of exploitation activity in the next 30 days)
EPSS Score History
~97% percentile (the proportion of vulnerabilities scored at or below this one)
Metasploit modules for CVE-2021-23758
- AjaxPro Deserialization Remote Code Execution
  Disclosure Date: 2021-12-03
  First seen: 2023-11-04
  Module: exploit/windows/http/ajaxpro_deserialization_rce
  This module leverages an insecure deserialization of data to get remote code execution on the target OS in the context of the user running the website which utilized AjaxPro. To achieve code execution, the module will construct some JSON data which
CVSS scores for CVE-2021-23758
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P | 10.0 | 6.4 | NIST | |
9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST | |
8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 | Snyk | |
CWE ids for CVE-2021-23758
- The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2021-23758
- http://packetstormsecurity.com/files/175677/AjaxPro-Deserialization-Remote-Code-Execution.html
  AjaxPro Deserialization Remote Code Execution ≈ Packet Storm
- https://github.com/michaelschwarz/Ajax.NET-Professional/commit/b0e63be5f0bb20dfce507cb8a1a9568f6e73de57
  added allowed customized types · michaelschwarz/Ajax.NET-Professional@b0e63be · GitHub (Patch; Third Party Advisory)
- https://snyk.io/vuln/SNYK-DOTNET-AJAXPRO2-1925971
  Deserialization of Untrusted Data in ajaxpro.2 | Snyk (Third Party Advisory)