Exposed dangerous method or function in Apache SOAP - CVE-2022-45378
Published: November 14, 2022
Apache SOAP
Detailed vulnerability description
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to missing authentication when accessing the RPCRouterServlet servlet. A remote attacker can invoke certain methods on the classpath and execute arbitrary code on the system.
How to mitigate CVE-2022-45378
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Note, the project is no longer maintained.