WRITEUP #2000

Vulnerabilities In Apache Batik Default Security Controls – SSRF And RCE Through Remote Class Loading

SSRFRCE

by@chudypb(Piotr Bazydło)

Program

Apache Batik

Published

Oct 31, 2022

Added to HackDex

Nov 1, 2022

Read Full Writeuphttps://www.zerodayinitiative.com/blog/2022/10/28/vulnerabilities-in-apache-batik-default-security-controls-ssrf-and-rce-through-remote-class-loading

▸ RELATED WRITEUPS

Vulnerabilities in Homepage Dashboard

RCESSRF

Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!

RCEConfusion attack

Shelltorch Explained: Multiple Vulnerabilities in Pytorch Model Server (Torchserve) (CVSS 9.9, CVSS 9.8) Walkthrough

AI / LLMAI

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package

RCEDependency confusion

Built with ❤️ by Shubham Rawat