Vulnerabilities > CVE-2021-26912 - Deserialization of Untrusted Data vulnerability in Netmotionsoftware Netmotion Mobility 12.0
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to execute arbitrary code as SYSTEM because of Java deserialization in SupportRpcServlet.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |