2023-12-25 00:00:00
mitre
PUBLISHED
An issue was discovered in RWS WorldServer before 11.7.3. /clientLogin deserializes Java objects without authentication, leading to command execution on the host.