Back to directory

WRITEUP #225

CVE-2024-27292: docAssembling exploits for RCE

RCESSTIPath traversalPrivilege escalation

byRiyush Ghimire

Program

Docassemble

Published

Jul 1, 2024

Added to HackDex

Jul 8, 2024

Read Full Writeuphttps://tantosec.com/blog/docassemble/

▸ RELATED WRITEUPS

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

Traccar 5 Remote Code Execution Vulnerabilities

RCEUnrestricted file upload

WPML Multilingual CMS Authenticated Contributor+ Remote Code Execution (RCE) via Twig Server-Side Template Injection (SSTI)

Path Traversal and Code Execution in CSLA.NET (CVE-2024-28698)

RCEPath traversal

Chaining Three Bugs to Access All Your ServiceNow Data

Built with ❤️ by Shubham Rawat