Description
ColdFusion FlashGateway is vulnerable to deserialization attacks. An attacker could exploit this vulnerability using specially-crafted serialized data to execute arbitrary code on the system.
Remediation
Upgrade to the latest version of ColdFusion
References
Related Vulnerabilities
WordPress 2.1.1 Command Execution Backdoor Vulnerability (2.1.1)
SAP NetWeaver ConfigServlet remote command execution
Drupal Core 9.0.0 Remote Code Execution (9.0.0)
Jboss Application Server HTTPServerILServlet.java remote code execution
WordPress Plugin Five Star Restaurant Menu-WordPress Ordering Remote Code Execution (2.2.0)