CVEs-PoC/2022/CVE-2022-0749.md at efebdd4f2d72a3494ec92163e9e88e00a3646b8a

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-25 16:47:53 +02:00

Files

T

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

This affects all versions of package SinGooCMS.Utility. The socket client in the package can pass in the payload via the user-controllable input after it has been established, because this socket client transmission does not have the appropriate restrictions or type bindings for the BinaryFormatter.

POC

Reference

https://github.com/SinGooCMS/SinGooCMSUtility/blob/master/SinGooCMS.Utility/Net/SocketClient.cs
https://github.com/SinGooCMS/SinGooCMSUtility/issues/1
https://snyk.io/vuln/SNYK-DOTNET-SINGOOCMSUTILITY-2312979

Github

No PoCs found on GitHub currently.

986 B Raw Blame History

CVE-2022-0749

Description

POC

Reference

Github

986 B

Raw Blame History