Apache SOAP authentication error vulnerability
Discription

Apache SOAP is used as a client-side library by the Apache Foundation to invoke SOAP services available elsewhere, and as a server-side tool to implement SOAP-accessible services. an authentication error vulnerability exists in Apache SOAP, which stems from the fact that RPCRouterServlet can be used without authentication. An attacker could exploit this vulnerability to potentially invoke methods on class paths that meet certain conditions, which could lead to arbitrary remote code execution depending on the classes available on the class path.Read More

Back to Main

Subscribe for the latest news: