The Microsoft .NET Framework installation on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities, as follows:

  - Security feature bypass in ASP.NET. An attacker can bypass the security checks that prevents an attacker     from accessing internal applications in a website. (CVE-2023-36560)

  - Privilege escalation vulnerability in FTP component of .NET Framework. An attacker can inject arbitrary     commands to the FTP server. (CVE-2023-36049)

  - Information disclosure vulnerability in .NET Framework. An attacker can obtain the ObjRef URI which could     lead to remote code execution. (CVE-2024-29059

Detections

Analytics

Security Updates for Microsoft .NET Framework (November 2023)

critical Nessus Plugin ID 185887

Version 1.2