CVE-2024-28213: nGrinder vulnerable to unsafe Java objects deserialization

Severity: Critical

CVSS Score: 9.8

nGrinder before 3.5.9 allows to accept serialized Java objects from unauthenticated users, which could allow remote attacker to execute arbitrary code via unsafe Java objects deserialization.