Topic

RCE

A collection of 15 issues

CVE-2022-27873 An attacker can force the victim's device to perform HTTP requests in WAN through a malicious SVG file being parsed by Autodesk Fusion 360's document parser. The vulnerability is in the application's "Insert SVG" procedure.

To trigger this vulnerability an attacker has to place a malicious SVG file in the ‘Insert SVG’ procedure. The user has to open the malicious SVG file in Autodesk Fusion 360 before it is parsed and executed in the application. It is important to note that the user does not
2 min read
Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe