An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24344. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.

Rapid7 Blog


Rapid7's cybersecurity experts break down the latest vulnerabilities, exploits, and attacks. Detect threats faster with trusted news, insights & threat intel.

Listed: