Back to directory
WRITEUP #2205

Breaking Bitbucket: Pre Auth Remote Command Execution (CVE-2022-36804)

RCEOS command injection
by@TheGrandPew(Maxwell Garrett)
Program
Atlassian
Published
Sep 14, 2022
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://blog.assetnote.io/2022/09/14/rce-in-bitbucket-server/
RELATED WRITEUPS
Vulnerabilities in Open Source C2 Frameworks
RCEOS command injection
SSD Advisory – SonicWall SMA100 Stored XSS To RCE
RCEOS command injection
[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package
RCEDependency confusion
Attacking PowerShell CLIXML Deserialization
DeserializationInsecure deserialization
Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS
RCEArbitrary file write

Built with ❤️ by Shubham Rawat