Lucene search
Veracode Vulnerability DatabaseVERACODE:36309HistoryJul 11, 2022 - 3:24 a.m.
Remote Code Execution (RCE)
2022-07-1103:24:31
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
18
remote code execution
http header
pickleserialize
serializers.py
software
EPSS
0.14
Percentile
95.8%
rpc.py is vulnerable to remote code execution. The vulnerability exists because the PickleSerialize in the decode function of serializers.py is not enabled by default, allowing an attacker to cause the data to be processed with unpickle by providing a malicious HTTP header.
References
Related
githubexploit
githubexploit
Exploit for Insufficiently Protected Credentials in Rpc.Py Project Rpc.Py
2024-04-14 04:08:44
cve
cve
CVE-2022-35411
2022-07-08 19:15:08
cvelist
cvelist
CVE-2022-35411
2022-07-08 18:07:40
checkpoint_advisories
checkpoint_advisories
rpc.py Project Remote Code Execution (CVE-2022-35411)
2022-11-17 00:00:00
nvd
nvd
CVE-2022-35411
2022-07-08 19:15:08
packetstorm
packetstorm
rpc.py 0.6.0 Remote Code Execution
2022-07-29 00:00:00
zdt
zdt
rpc.py 0.6.0 - Remote Code Execution Exploit
2022-07-31 00:00:00
osv
osv
CVE-2022-35411
2022-07-08 19:15:08
rpc.py vulnerable to Deserialization of Untrusted Data
2022-07-09 00:00:19
github
github
rpc.py vulnerable to Deserialization of Untrusted Data
2022-07-09 00:00:19
prion
prion
Remote code execution
2022-07-08 19:15:00
exploitdb
exploitdb
rpc.py 0.6.0 - Remote Code Execution (RCE)
2022-07-29 00:00:00