module
SolarWinds Information Service (SWIS) .NET Deserialization From AMQP RCE
| Disclosed |
|---|
| Oct 19, 2022 |
Disclosed
Oct 19, 2022
Description
The SolarWinds Information Service (SWIS) is vulnerable to RCE by way of a crafted message received through the
AMQP message queue. A malicious user that can authenticate to the AMQP service can publish such a crafted
message whose body is a serialized .NET object which can lead to OS command execution as NT AUTHORITY\SYSTEM.
AMQP message queue. A malicious user that can authenticate to the AMQP service can publish such a crafted
message whose body is a serialized .NET object which can lead to OS command execution as NT AUTHORITY\SYSTEM.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.