Smartbear Readyapi vulnerabilities
3 known vulnerabilities affecting smartbear/readyapi.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2
Vulnerabilities
Page 1 of 1
CVE-2018-20580P2HIGHCVSS 8.8PoCv2.5.0v2.6.02019-05-03
CVE-2018-20580 [HIGH] CWE-20 CVE-2018-20580: The WSDL import functionality in SmartBear ReadyAPI 2.5.0 and 2.6.0 allows remote attackers to execu
The WSDL import functionality in SmartBear ReadyAPI 2.5.0 and 2.6.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL file.
nvd
CVE-2020-12835P2CRITICALCVSS 9.8v3.2.52020-05-20
CVE-2020-12835 [CRITICAL] CWE-502 CVE-2020-12835: An issue was discovered in SmartBear ReadyAPI SoapUI Pro 3.2.5. Due to unsafe use of an Java RMI bas
An issue was discovered in SmartBear ReadyAPI SoapUI Pro 3.2.5. Due to unsafe use of an Java RMI based protocol in an unsafe configuration, an attacker can inject malicious serialized objects into the communication, resulting in remote code execution in the context of a client-side Network Licensing Protocol component.
nvd
CVE-2019-12180P3HIGHCVSS 7.8≥ 2.8.2, ≤ 3.0.02020-02-05
CVE-2019-12180 [HIGH] CVE-2019-12180: An issue was discovered in SmartBear ReadyAPI through 2.8.2 and 3.0.0 and SoapUI through 5.5. When o
An issue was discovered in SmartBear ReadyAPI through 2.8.2 and 3.0.0 and SoapUI through 5.5. When opening a project, the Groovy "Load Script" is automatically executed. This allows an attacker to execute arbitrary Groovy Language code (Java scripting language) on the victim machine by inducing it to open a malicious Project. The same issue is present in the
nvd