The project import functionality in SoapUI 5.3.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL project file.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/146339/SoapUI-5.3.0-Code-Execution.html | Third Party Advisory VDB Entry |
Configurations
History
No history.
Information
Published : 2018-02-19 19:29
Updated : 2024-02-04 19:46
NVD link : CVE-2017-16670
Mitre link : CVE-2017-16670
CVE.ORG link : CVE-2017-16670
JSON object : View
Products Affected
smartbear
- soapui
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')