CVE-2021-32075
CRITICALTerraria < 1.4.2.3 - Remote Code Execution via Insecure Deserialization
Title source: llmDescription
Re-Logic Terraria before 1.4.2.3 performs Insecure Deserialization.
References (4)
Core 4
Core References
Third Party Advisory x_refsource_misc
https://twitter.com/relogicgames
Third Party Advisory x_refsource_misc
https://vuln.ryotak.me/advisories/42
Release Notes, Third Party Advisory x_refsource_misc
https://store.steampowered.com/news/app/105600/view/3062989030626131236
Release Notes, Third Party Advisory x_refsource_misc
https://terraria.fandom.com/wiki/1.4.2.3
Scores
CVSS v3
9.8
EPSS
0.0179
EPSS Percentile
75.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-502
Status
published
Products (1)
re-logic/terraria
< 1.4.2.3
Published
May 24, 2021
Tracked Since
Feb 18, 2026