CVE-2021-27852
Checkbox Survey Deserialization of Untrusted Data Vulnerability
CVSS
—
No CVSS
EPSS
31.9%
p98
KEV
YES
Apr 11, 2022
Exploit Today
79
0-100
Published: — · Last modified: —
Product
Checkbox / Checkbox Survey
Vulnerability
Checkbox Survey Deserialization of Untrusted Data Vulnerability
Added to KEV
Apr 11, 2022
Remediate by
May 2, 2022
Known ransomware use
No
Summary description
Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute arbitrary code.
Required action
Versions 6 and earlier for this product are end-of-life and must be removed from agency networks. Versions 7 and later are not considered vulnerable.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-27852
No related CVEs by CWE or product.