漏洞描述
Inductive Automation Ignition中存在不安全的反序列化漏洞。此漏洞是由于在ParameterVersionJavaSerializationCodec class中对不受信任的数据进行反序列化所导致的。
Inductive Automation Ignition CVE-2023-39475 不安全的反序列化漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2021-3129: Laravel with Ignition <= v8.4.2 Debug Mode - Remote Code Execution
- POC CVE-2021-41291: ECOA Building Automation System - Directory Traversal Content Disclosure
- POC CVE-2021-41293: ECOA Building Automation System - Arbitrary File Retrieval
- POC CVE-2022-22972: VMware Workspace ONE Access/Identity Manager/vRealize Automation - Authentication Bypass
- POC CVE-2022-26833: Open Automation Software OAS Platform V16.00.0121 - Missing Authentication
- POC CVE-2024-6922: Automation Anywhere Automation 360 - Server-Side Request Forgery
- POC CVE-2024-9186: Automation By Autonami < 3.3.0 - SQL Injection
- POC CVE-2025-1562: Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit - Broken Access Control
- POC CVE-2025-3102: SureTriggers – All-in-One Automation Platform ≤ 1.0.78 - Authentication Bypass
- POC CVE-2020-21998: HomeAutomation 3.3.2 - Open Redirect
- POC tcpconfig: Rockwell Automation TCP/IP Configuration Information - Detect
- POC laravel-ignition-xss: Laravel Ignition - Cross-Site Scripting
- IBM Cloud Pak for Business Automation 跨站脚本漏洞