Back to directory
WRITEUP #2184

Securing Developer Tools: OneDev Remote Code Execution

RCESSRFBroken Access ControlContainer escape
byPaul Gerste
Program
OneDev
Published
Sep 20, 2022
Added to HackDex
Sep 22, 2022
Read Full Writeuphttps://blog.sonarsource.com/onedev-remote-code-execution/
RELATED WRITEUPS
Vulnerabilities in Homepage Dashboard
RCESSRF
From MLOps to MLOops: Exposing the Attack Surface of Machine Learning Platforms
AI / LLMAI
Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
RCEConfusion attack
Shelltorch Explained: Multiple Vulnerabilities in Pytorch Model Server (Torchserve) (CVSS 9.9, CVSS 9.8) Walkthrough
AI / LLMAI
Vulnerabilities in Open Source C2 Frameworks
RCEOS command injection

Built with ❤️ by Shubham Rawat