Untrusted Java serialization in Soffid IAM console before 1.7.5 allows remote attackers to achieve arbitrary remote code execution via a crafted authentication request.Referenceshttp://www.soffid.com/security-advisory1-update/
