CVE-2026-23751 in Kofax Captureinformation

Résumé

par MITRE • 23/04/2026

Kofax Capture, now referred to as Tungsten Capture, version 6.0.0.0 (other versions may be affected) exposes a deprecated .NET Remoting HTTP channel on port 2424 via the Ascent Capture Service that is accessible without authentication and uses a default, publicly known endpoint identifier. An unauthenticated remote attacker can exploit .NET Remoting object unmarshalling techniques to instantiate a remote System.Net.WebClient object and read arbitrary files from the server filesystem, write attacker-controlled files to the server, or coerce NTLMv2 authentication to an attacker-controlled host, enabling sensitive credential disclosure, denial of service, remote code execution, or lateral movement depending on service account privileges and network environment.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

VulnCheck

Réserver

15/01/2026

Divulgation

23/04/2026

Modérer

accepté

Entrée

VDB-359148

CPE

prêt

EPSS

0.00275

KEV

non

Activités

très faible

Secteur

Government, Chemical, ...

Sources

MITREhttps://www.cve.org/CVERecord?id=CVE-2026-23751
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2026-23751
CVE Detailshttps://www.cvedetails.com/cve/CVE-2026-23751/

PrécédentAperçuSuivant

Do you want to use VulDB in your project?

Use the official API to access entries easily!