Arbitrary Code Execution Vulnerability in SmartBear ReadyAPI WSDL Import Functionality

Arbitrary Code Execution Vulnerability in SmartBear ReadyAPI WSDL Import Functionality

CVE-2018-20580 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

The WSDL import functionality in SmartBear ReadyAPI 2.5.0 and 2.6.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL file.

Learn more about our Api Penetration Testing.