## https://sploitus.com/exploit?id=SAINT:29ACC8DBEB181C0B0645161422DDD264
Added: 04/13/2023
### Background
IBM Aspera Faspex is a centralized, high-speed transfer solution using the FASP protocol.
### Problem
A YAML deserialization vulnerability allows remote attackers to execute arbitrary commands by sending a POST request for `**relay_package**` with specially crafted JSON content.
### Resolution
Upgrade to Faspex 4.4.2 PL2 or higher.
### References
https://www.ibm.com/support/pages/node/6952319
### Limitations
Exploit works on Linux targets.
### Platforms
Linux