Back to directory

WRITEUP #1658

Exploiting Hardcoded Keys to achieve RCE in Yellowfin BI

RCEAuthentication bypassSecurity code reviewJWT

by@TheGrandPew(Maxwell Garrett)

Program

Yellowfin BI

Published

Jan 24, 2023

Added to HackDex

Jan 26, 2023

Read Full Writeuphttps://blog.assetnote.io/2023/01/24/yellowfin-auth-bypass-to-rce/

▸ RELATED WRITEUPS

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

Getting code execution on Veeam through CVE-2023-27532

RCEInsecure deserialization

Spip Preauth RCE 2024: Part 2, A Big Upload

Back To School - Exploiting A Remote Code Execution Vulnerability In Moodle

RCESecurity code review

WordPress GiveWP POP to RCE (CVE-2024-5932)

RCEPHP pop chain

Built with ❤️ by Shubham Rawat