Apache SOAP is used as a client-side library by the Apache Foundation to invoke SOAP services available elsewhere, and as a server-side tool to implement SOAP-accessible services. an authentication error vulnerability exists in Apache SOAP, which stems from the fact that RPCRouterServlet can be used without authentication. An attacker could exploit this vulnerability to potentially invoke methods on class paths that meet certain conditions, which could lead to arbitrary remote code execution depending on the classes available on the class path.Read More
Apache SOAP authentication error vulnerability
