Dark C0d3rs

Full Version: HackerOne Disclosed Reports - 2025-03-18
Critical
resolved

SSRF in Autodesk Rendering leading to account takeover


Bug reported by was disclosed at March 18, 2025, 6:48 pm   |   Server-Side Request Forgery (SSRF)

A server-side request forgery (SSRF) vulnerability was discovered in Autodesk Rendering. The vulnerability could have allowed an attacker to gain control of a victim's account while they were logged in. Autodesk has fixed the vulnerability.


Medium
resolved

Django Debug Mode Enabled - Information Disclosure on api.wwm-dev.autodesk.com


Bug reported by ??? ℜ???? ??? was disclosed at March 18, 2025, 5:58 pm   |   Information Exposure Through Debug Information

The domain api.wwm-dev.autodesk.com was discovered to have Django debug mode enabled, which led to information disclosure. The issue was fixed by Autodesk.