Back to directory
WRITEUP #1860

From Zero to Hero Part 2: From SQL Injection to RCE on Intel DCM (CVE-2022-21225)

SQL InjectionKerberosRCEPrivilege escalationSecurity code review
by@MrTuxracer(Julien Ahrens)
Bounty
10,000
Program
Intel
Published
Dec 1, 2022
Added to HackDex
Dec 20, 2022
Read Full Writeuphttps://www.rcesecurity.com/2022/12/from-zero-to-hero-part-2-intel-dcm-sql-injection-to-rce-cve-2022-21225/
RELATED WRITEUPS
Exploiting authorization by nonce in WordPress plugins
RCEArbitrary file upload
Vulnerabilities in Open Source C2 Frameworks
RCEOS command injection
Getting code execution on Veeam through CVE-2023-27532
RCEInsecure deserialization
Spip Preauth RCE 2024: Part 2, A Big Upload
RCEFile upload
Breaking Down Barriers: Exploiting Pre-Auth SQL Injection In WhatsUp Gold - CVE-2024-6670
SQL InjectionReverse engineering

Built with ❤️ by Shubham Rawat