Back to directory

WRITEUP #1052

RCE via Path Traversal vulnerability in Onlyoffice CommunityServer < 12.5.2 (CVE-2023-34939)

RCEPath traversal

by@k_firsov(Kirill Firsov)

Program

OnlyOffice

Published

Jun 19, 2023

Added to HackDex

Jul 4, 2023

Read Full Writeuphttps://github.com/firsov/onlyoffice/blob/main/CVE-2023-34939-PoC.md

▸ RELATED WRITEUPS

Traccar 5 Remote Code Execution Vulnerabilities

RCEUnrestricted file upload

Path Traversal and Code Execution in CSLA.NET (CVE-2024-28698)

RCEPath traversal

Shelltorch Explained: Multiple Vulnerabilities in Pytorch Model Server (Torchserve) (CVSS 9.9, CVSS 9.8) Walkthrough

WhatsUp Gold Pre-Auth RCE WriteDataFile Primitive (CVE-2024-4883)

RCEPath traversal

WhatsUp Gold Pre-Auth RCE GetFileWithoutZip Primitive (CVE-2024-4885)

RCEPath traversal

Built with ❤️ by Shubham Rawat