Back to directory
WRITEUP #1220

When you're so bored, you start debugging someone else's code: bug hunting in a random Cloud-Native project

RCESSTI
byONSEC.io Research Team
Program
Foreman
Published
May 3, 2023
Added to HackDex
May 4, 2023
Read Full Writeuphttps://blog.onsec.io/when-youre-so-bored-you-start-debugging-someone-elses-code/
RELATED WRITEUPS
WPML Multilingual CMS Authenticated Contributor+ Remote Code Execution (RCE) via Twig Server-Side Template Injection (SSTI)
RCESSTI
Chaining Three Bugs to Access All Your ServiceNow Data
RCESSTI
Vulnerabilities in Open Source C2 Frameworks
RCEOS command injection
[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package
RCEDependency confusion
Attacking PowerShell CLIXML Deserialization
DeserializationInsecure deserialization

Built with ❤️ by Shubham Rawat