CVE-2022-34268 Information

Description

An issue was discovered in RWS WorldServer before 11.7.3. /clientLogin deserializes Java objects without authentication leading to command execution on the host.

Reference

https://www.rws.com/localization/products/trados-enterprise/worldserver/ https://www.triskelelabs.com/vulnerabilities-in-rws-worldserver