CVE-2017-5830
CRITICALRevive-adserver Revive Adserver < 4.0.0 - Insecure Deserialization
Title source: ruleDescription
Revive Adserver before 4.0.1 allows remote attackers to execute arbitrary code via serialized data in the cookies related to the delivery scripts.
Scores
CVSS v3
9.8
EPSS
0.0350
EPSS Percentile
87.4%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Classification
CWE
CWE-502
Status
draft
Affected Products (1)
revive-adserver/revive_adserver
< 4.0.0
Timeline
Published
Mar 03, 2017
Tracked Since
Feb 18, 2026