Back to directory

WRITEUP #1905

CVE-2022-41924 - RCE in Tailscale, DNS Rebinding, and You

RCEDNS rebindingInformation disclosure

by@JJJollyjim(Jamie McClymont)

Bounty

10,000

Program

Tailscale

Published

Nov 22, 2022

Added to HackDex

Nov 30, 2022

Read Full Writeuphttps://emily.id.au/tailscale

▸ RELATED WRITEUPS

Vulnerabilities in Homepage Dashboard

Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package

RCEDependency confusion

Attacking PowerShell CLIXML Deserialization

DeserializationInsecure deserialization

Built with ❤️ by Shubham Rawat