Security Vulnerability in Perfex CRM Allows Unauthenticated Remote Code Execution

The post references a security vulnerability in Perfex CRM where an autologin cookie is passed into an unserialize() function. This insecure deserialization flaw allows unauthenticated remote code execution (RCE). The issue is documented in a detailed write-up linked in the post.