WRITEUP #2065

CVE 2022–24082, RCE in the PEGA Platform — Discovery, Remediation & Technical Details (Long Live JMX!!!)

RCEJMX

byMarcin Wolak

Program

PEGA

Published

Oct 17, 2022

Added to HackDex

May 15, 2023

Read Full Writeuphttps://marcin-wolak.medium.com/cve-2022-24082-rce-in-the-pega-platform-discovery-remediation-technical-details-long-live-69efb5437316

▸ RELATED WRITEUPS

3 ways to get Remote Code Execution in Kafka UI

RCEInsecure deserialization

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package

RCEDependency confusion

Attacking PowerShell CLIXML Deserialization

DeserializationInsecure deserialization

Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS

RCEArbitrary file write

Built with ❤️ by Shubham Rawat