Back to directory

WRITEUP #1701

YAFPC — Unauthenticated Remote Code Execution

Auth BypassAuthentication bypassHardcoded credentialsRCE

byLuke Paris

Program

-

Published

Jan 14, 2023

Added to HackDex

Feb 16, 2023

Read Full Writeuphttps://blog.paradoxis.nl/yafpc-unauthenticated-remote-code-execution-755bf9e4d7c1

▸ RELATED WRITEUPS

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

Breaking the Barrier: Admin Panel Takeover Worth $3500

Auth BypassAuthentication bypass

Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!

RCEConfusion attack

SAML Authentication Bypass Leading to Admin Panel Access

Auth BypassSAML

Breaking Down Barriers: Exploiting Authenticated IPC Clients

Auth BypassIPC client

Built with ❤️ by Shubham Rawat