WRITEUP #2454

Mail Server Misconfiguration leads to sending a fax from anyone’s account on HelloFax (Dropbox BBP) for a bounty of $4,913

AI / LLMEmail spoofing

by@ehsayaan(Sayaan Alam)

Bounty

4,913

Program

Dropbox

Published

Jul 25, 2022

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://infosecwriteups.com/mail-server-misconfiguration-leads-to-sending-a-fax-from-anyones-account-on-hellofax-dropbox-bbp-aab3d97ab4e7

▸ RELATED WRITEUPS

Unmasking Harmful Content in a Medical Chatbot: A Red Team Perspective

AI / LLMAI

Revival Hijack – PyPI hijack technique exploited in the wild, puts 22K packages at risk

AI / LLMCI/CD

Microsoft Copilot: From Prompt Injection to Exfiltration of Personal Information

AI / LLMAI

Google AI Studio: LLM-Powered Data Exfiltration Hits Again! Quickly Fixed.

AI / LLMAI

From MLOps to MLOops: Exposing the Attack Surface of Machine Learning Platforms

AI / LLMAI

Built with ❤️ by Shubham Rawat