CVE-2018-3784
CVE-2018-3784
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 3.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
17 Aug 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A code injection in cryo 0.0.6 allows an attacker to arbitrarily execute code due to insecure implementation of deserialization.
Affected products
https://github.com/hunterloftis · cryoWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://hackerone.com/reports/350418