The mongo::mongoFind method in MongoDB makes use of uninitialized memory. A remote attacker can fill that memory address with controlled data and then call the vulnerable function in order to execute arbitrary code on the affected server.
CVE Link
Exploit Type - Old
Exploits/Remote
Exploit Platform
Product Name