Vulnerabilities > CVE-2020-12471 - Deserialization of Untrusted Data vulnerability in Mono Monox 5.1.40.5152
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
MonoX through 5.1.40.5152 allows remote code execution via HTML5Upload.ashx or Pages/SocialNetworking/lng/en-US/PhotoGallery.aspx because of deserialization in ModuleGallery.HTML5Upload, ModuleGallery.SilverLightUploadModule, HTML5Upload, and SilverLightUploadHandler.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |