Vulnerabilities > CVE-2021-28254 - Deserialization of Untrusted Data vulnerability in Laravel 8.5.9
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
A deserialization vulnerability in the destruct() function of Laravel v8.5.9 allows attackers to execute arbitrary commands.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |