Back to directory

WRITEUP #1661

CVE from 2018 Strikes Again

RCEInsecure deserializationThick client

byColin McQueen

Program

-

Published

Jan 23, 2023

Added to HackDex

Jan 26, 2023

Read Full Writeuphttps://blog.stratumsecurity.com/2023/01/23/remote-code-execution-through-deserializtion/

▸ RELATED WRITEUPS

Attacking PowerShell CLIXML Deserialization

DeserializationInsecure deserialization

Getting code execution on Veeam through CVE-2023-27532

RCEInsecure deserialization

3 ways to get Remote Code Execution in Kafka UI

RCEInsecure deserialization

Evernote RCE: From PDF.js font-injection to All-platform Electron exposed ipcRenderer with listened BrokerBridge Remote-Code Execution

Shelltorch Explained: Multiple Vulnerabilities in Pytorch Model Server (Torchserve) (CVSS 9.9, CVSS 9.8) Walkthrough

Built with ❤️ by Shubham Rawat