High severity7.2NVD Advisory· Published Sep 19, 2017· Updated May 13, 2026

CVE-2017-14141

Description

The wiki_decode Developer System Helper function in the admin panel in Kaltura before 13.2.0 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

telekomsecurity.github.io/assets/advisories/20170912_kaltura-advisory.txtnvdExploitThird Party Advisory
www.securityfocus.com/bid/100976nvdThird Party AdvisoryVDB Entry
github.com/kaltura/server/commit/6a6d14328b7a1493e8c47f9565461e5f88be20c9nvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.468
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000