In RPyC before 6.0.0, when a server... CVE-2024-27758

- AV AC AU C I A
发布: 2024-03-12
修订: 2024-03-12

In RPyC before 6.0.0, when a server exposes a method that calls the attribute named __array__ for a client-provided netref (e.g., np.array(client_netref)), a remote attacker can craft a class that results in remote code execution.

0%

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有0条受影响产品信息