Back to directory

WRITEUP #1942

Checkmk: Remote Code Execution by Chaining Multiple Bugs (1/3)

RCECode injectionSSRFLine Feed injectionArbitrary file readAuthentication bypassSecurity code review

by@scryh_(Stefan Schiller)

Program

Checkmk

Published

Nov 15, 2022

Added to HackDex

Nov 17, 2022

Read Full Writeuphttps://blog.sonarsource.com/checkmk-rce-chain-1/

▸ RELATED WRITEUPS

Spip Preauth RCE 2024: Part 1, The Feather

RCECode injection

Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!

RCEConfusion attack

Studying 0days: How we hacked Anki, the world's most popular flashcard app

RCEComponents with known vulnerabilities

We hacked Anki - 0 day exploit from studying someone elses flashcards

RCEComponents with known vulnerabilities

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

Built with ❤️ by Shubham Rawat