Unrated severityNVD Advisory· Published Jul 29, 2022· Updated Aug 3, 2024
CVE-2022-27873
CVE-2022-27873
Description
An attacker can force the victim’s device to perform arbitrary HTTP requests in WAN through a malicious SVG file being parsed by Autodesk Fusion 360’s document parser. The vulnerability exists in the application’s ‘Insert SVG’ procedure. An attacker can also leverage this vulnerability to obtain victim’s public IP and possibly other sensitive information.
Affected products
2Patches
Vulnerability mechanics
References
1- www.autodesk.com/trust/security-advisories/adsk-sa-2022-0013mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.