Back to directory

WRITEUP #1494

The Tale of a Command Injection by Changing the Logo

RCEOS command injectionUnrestricted file uploadDirectory listingHTTP response manipulation

by@omidxrz(0xrz)

Bounty

2,400

Program

-

Published

Feb 26, 2023

Added to HackDex

Feb 28, 2023

Read Full Writeuphttps://medium.com/@omidxrz/command-injection-by-changing-the-logo-2d730887ab6c

▸ RELATED WRITEUPS

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

Hitting the jackpot with RCE!

RCEUnrestricted file upload

Traccar 5 Remote Code Execution Vulnerabilities

RCEUnrestricted file upload

SSD Advisory – SonicWall SMA100 Stored XSS To RCE

RCEOS command injection

[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package

RCEDependency confusion

Built with ❤️ by Shubham Rawat