Precios Enterprise

CVE-2023-24162

9.8CRITICAL

Deserialization vulnerability in Dromara Hutool v5.8.11 allows attacker to execute arbitrary code via the XmlUtil.readObjectFromXml parameter.

Publicado: 1/31/2023Actualizado: 3/27/2025

Ver en NVD Ver en MITRE

Descripción

Deserialization vulnerability in Dromara Hutool v5.8.11 allows attacker to execute arbitrary code via the XmlUtil.readObjectFromXml parameter.

Análisis IAImpulsado por IA

Productos Afectados

hutoolhutool

5.8.11

Referencias

https://gitee.com/dromara/hutool/issues/I6AEX2
ExploitThird Party Advisory
https://github.com/dromara/hutool/issues/2855
ExploitThird Party Advisory
https://gitee.com/dromara/hutool/issues/I6AEX2
ExploitThird Party Advisory
https://github.com/dromara/hutool/issues/2855
ExploitThird Party Advisory