https://nullcathedral.com/tags/perfex-crm/Where nothing is sacred.en-usNULL CATHEDRALMon, 16 Mar 2026 00:00:00 +0000Fri, 10 Apr 2026 18:00:00 +0000https://www.rssboard.org/rss-specification60https://nullcathedral.com/favicon.svghttps://nullcathedral.com/https://nullcathedral.com/posts/2026-03-16-perfex-crm-unauthenticated-rce-insecure-deserialization/Perfex CRM passed the autologin cookie into unserialize() without validation, giving unauthenticated attackers remote code execution.vulnerabilityperfex-crmdeserializationrcephphttps://nullcathedral.com/posts/2026-03-16-perfex-crm-unauthenticated-rce-insecure-deserialization/Mon, 16 Mar 2026 00:00:00 +0000