CVE-2018-20580

Published May 3rd, 2019

View on NVD ↗

CVSS v3

N/A

CVSS v2

9.3

HIGH

Affected

PROJECT

Description

The WSDL import functionality in SmartBear ReadyAPI 2.5.0 and 2.6.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL file.

gscamelo/CVE-2018-20580

A proof of concept for ReadyAPI 2.5.0/2.6.0 Remote Code Execution Vulnerability.

GitHub