Vulnerabilities > Netmotionsoftware > Netmotion Mobility > 12.0

DATE CVE VULNERABILITY TITLE RISK
2021-02-08 CVE-2021-26915 Deserialization of Untrusted Data vulnerability in Netmotionsoftware Netmotion Mobility 12.0
NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to execute arbitrary code as SYSTEM because of Java deserialization in webrepdb StatusServlet.
network
high complexity
netmotionsoftware CWE-502
8.1
8.1
2021-02-08 CVE-2021-26914 Deserialization of Untrusted Data vulnerability in Netmotionsoftware Netmotion Mobility 12.0
NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to execute arbitrary code as SYSTEM because of Java deserialization in MvcUtil valueStringToObject.
network
high complexity
netmotionsoftware CWE-502
8.1
8.1
2021-02-08 CVE-2021-26913 Deserialization of Untrusted Data vulnerability in Netmotionsoftware Netmotion Mobility 12.0
NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to execute arbitrary code as SYSTEM because of Java deserialization in RpcServlet.
network
high complexity
netmotionsoftware CWE-502
8.1
8.1
2021-02-08 CVE-2021-26912 Deserialization of Untrusted Data vulnerability in Netmotionsoftware Netmotion Mobility 12.0
NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to execute arbitrary code as SYSTEM because of Java deserialization in SupportRpcServlet.
network
high complexity
netmotionsoftware CWE-502
8.1
8.1