Home / os / winmobile

SQL Server Reporting Services (SSRS) ViewState Deserialization

Posted on 13 March 2020

A vulnerability exists within Microsoft's SQL Server Reporting Services which can allow an attacker to craft an HTTP POST request with a serialized object to achieve remote code execution. The vulnerability is due to the fact that the serialized blob is not signed by the server.

 

TOP

Malware :

Exploits :