Deserialization Vulnerability in Inikulin Replicator Allows Remote Code Execution
CVE-2021-33420 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
A deserialization issue discovered in inikulin replicator before 1.0.4 allows remote attackers to run arbitrary code via the fromSerializable function in TypedArray object.
Learn more about our Web Application Penetration Testing UK.