CRITICAL🇵🇱 Wersja polska

CVE-2024-28213

CVSS 9.8v3.1pub. 2024-03-07upd. 2025-05-07

nGrinder before 3.5.9 allows to accept serialized Java objects from unauthenticated users, which could allow remote attacker to execute arbitrary code via unsafe Java objects deserialization.

🤖 AI Analysis
How it works

The nGrinder application deserializes Java objects transmitted over the network without prior verification of the sender's identity. An attacker can prepare a malicious payload containing an unsafe Java object and send it directly to the vulnerable endpoint. During the deserialization process, the application executes code contained in the object, leading to the execution of arbitrary commands on the server (RCE).

Impact

An unauthenticated attacker can remotely execute arbitrary code on the server, which in practice means complete takeover of the system, including the ability to read and modify data and perform lateral movement across the network.

Mitigation & patch

Naver nGrinder should be immediately updated to version 3.5.9 or newer. According to vendor references, a patch eliminating the vulnerability is available. Until the update is applied, it is recommended to restrict network access to nGrinder instances only to trusted IP addresses at the firewall level.

Who is affected

Naver nGrinder in all versions prior to 3.5.9

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Naver Ngrinder

    APP
    Naver
    < 3.5.9
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEDeserialization
CWE
References

Related vulnerabilities

CVE-2024-28211CRITICAL9.8PL ✓ten sam produkt

Naver nGrinder — RCE przez złośliwy serwer JMX/RMI

CVE-2024-28212CRITICAL9.8PL ✓ten sam produkt

RCE w Naver nGrinder — niebezpieczna deserializacja przez SnakeYAML

CVE-2024-28215HIGH7.5ten sam produkt

nGrinder before 3.5.9 allows an attacker to create or update webhook configuration due to lack of access contr...

CVE-2024-28216MEDIUM5.4ten sam produkt

nGrinder before 3.5.9 allows an attacker to obtain the results of webhook requests due to lack of access contr...

CVE-2016-5060MEDIUM6.1ten sam produkt

Multiple cross-site scripting (XSS) vulnerabilities in nGrinder before 3.4 allow remote attackers to inject ar...