
Layer 7 API Gateway: EUVD-2026-35992 | CVE-2026-11815 (MEDIUM)
Deserialization of Untrusted Data (CWE-502)
Published 2026-06-10 · Vendor: symantec · GHSA-w776-2rqx-9pjh
CVSS 4.0 (NVD): 5.3

Severity by source

NVD (primary): 5.3 MEDIUM
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:H/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:H/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector: Network
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: X (not defined)

Lifecycle Timeline (3 events)

Analysis Generated: Jun 10, 2026 - 09:23 (vuln.today)
CVSS changed: Jun 10, 2026 - 07:22 (NVD), now 5.3 (MEDIUM)
CVE Published: Jun 10, 2026 - 06:39 (nvd), severity UNKNOWN (no severity yet)

Description (NVD)

An attacker who intercepts and tampers with traffic between the client application and the API Gateway server could potentially deserialize arbitrary objects. This vulnerability could lead to broken security expectations or remote code execution.

Analysis (AI-generated)

Insecure deserialization in Broadcom Layer 7 API Gateway 11.2.1 exposes organizations to remote code execution or broken security control enforcement when an adversary can intercept and tamper with traffic between a client application and the gateway. The CVSS 4.0 vector assigns High subsequent-system confidentiality impact (SC:H), reflecting the gateway's privileged position as a broker to downstream backend services - meaning a successful exploit can cascade beyond the gateway itself. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Access: Gain privileged network position (MITM)
Delivery: Intercept client-to-gateway serialized traffic
Exploit: Replace payload with malicious object graph
Execution: Gateway deserializes attacker-controlled data
Persist: Execute arbitrary code via gadget chain
Impact: Pivot to downstream backend systems via gateway trust

Vulnerability Assessment (AI-generated)

Exploitation: Exploitation requires two concurrent preconditions. … Additional conditions and limiting factors are described in the full assessment.

Risk Assessment: The NVD-assigned CVSS 4.0 score of 5.3 (Medium) reflects the meaningful exploitation barriers: AC:H (High complexity) captures the requirement for a man-in-the-middle network position, and PR:L (Low privileges required) indicates some level of prior access or authentication is needed before the intercept-and-tamper scenario is achievable. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.

Exploit Scenario: An attacker who has achieved a man-in-the-middle position on the network segment between a client application and the Layer 7 API Gateway - for example via ARP spoofing, a compromised network device, or a rogue TLS termination proxy - intercepts a serialized request in transit and substitutes a crafted malicious object payload. The gateway deserializes the attacker-controlled payload, triggering a gadget chain that executes arbitrary operating system commands under the gateway process's security context. …

Remediation: Consult the Broadcom security advisory at https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37631 for the vendor-confirmed patched version; an exact fix version number was not independently extractable from the available source data, so the patch version is not confirmed here and must be taken directly from the advisory. … Detailed patch versions, workarounds, and compensating controls in full report.
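As a defender-side illustration of the CWE-502 pattern this record describes, the following is an added example; it is not Broadcom's code and not the gateway's own deserialization path. The page does not state which serialization stack the gateway uses, so the example assumes a Java object stream (the "gadget chain" wording is consistent with that, but it remains an assumption). The `Ping` message class, the filter string and the `HashMap` stand-in for an unexpected class are all constructed for the demonstration. It shows the unfiltered `readObject()` that makes tampered bytes dangerous beside the allowlist filter (JEP 290, Java 9+) that rejects any class not explicitly expected before it is instantiated:

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InvalidClassException;
import java.io.ObjectInputFilter;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.util.HashMap;

public class DeserializationAllowlist {

    // Constructed example message type: the only application class the
    // receiving side legitimately expects inside a request.
    public static final class Ping implements Serializable {
        private static final long serialVersionUID = 1L;
        final String id;
        Ping(String id) { this.id = id; }
    }

    // Vulnerable pattern (CWE-502): an unfiltered readObject() instantiates
    // whatever class graph the bytes name, so whoever can alter the bytes in
    // transit chooses the classes that get constructed.
    static Object readUnfiltered(byte[] data) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(data))) {
            return in.readObject();
        }
    }

    // Hardened pattern: a JEP 290 allowlist filter. Only the named classes are
    // accepted, every other class ("!*") is rejected before instantiation, and
    // the depth/reference limits bound the size of the object graph.
    static final ObjectInputFilter ALLOWLIST = ObjectInputFilter.Config.createFilter(
        "java.lang.String;DeserializationAllowlist$Ping;maxdepth=4;maxrefs=64;!*");

    static Object readFiltered(byte[] data) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(data))) {
            in.setObjectInputFilter(ALLOWLIST);
            return in.readObject();
        }
    }

    // Helper that produces a serialized stream for the demonstration.
    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(bos)) {
            out.writeObject(o);
        }
        return bos.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        byte[] expected = serialize(new Ping("req-1"));
        // Stand-in for a tampered request: a harmless but unexpected class
        // (HashMap) in place of the expected message. The filter treats any
        // class outside the allowlist the same way.
        byte[] unexpected = serialize(new HashMap<String, String>());

        System.out.println("unfiltered, unexpected class accepted: "
            + readUnfiltered(unexpected).getClass().getName());
        System.out.println("filtered, expected class accepted: "
            + readFiltered(expected).getClass().getName());
        try {
            readFiltered(unexpected);
        } catch (InvalidClassException e) {
            System.out.println("filtered, unexpected class rejected: " + e.getMessage());
        }
    }
}
```

The filter is a compensating control for the deserialization half of the problem only; the intercept-and-tamper precondition in the description is addressed separately by authenticated, integrity-protected transport between client and gateway. The allowlist belongs to the application that owns the message types, so in a real deployment the class names in the pattern are the application's own, not the constructed ones used here.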
