Back to directory

WRITEUP #2561

CVE-2021-3779: Ruby-MySQL Gem Client File Read (FIXED)

OtherClient File Read

by@h0ng10(Hans-Martin Münch)

Program

Rapid7

Published

Jun 28, 2022

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://www.rapid7.com/blog/post/2022/06/28/cve-2021-3779-ruby-mysql-gem-client-file-read-fixed/

▸ RELATED WRITEUPS

Data Theft in Salesforce: Manipulating Public Links

OtherSOQL injection

When Certificates Fail: A Story of Bypassed MFA in Remote Access

Other2FA / MFA bypass

SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuff

Ghost In The Ppl Part 1: Byovdll

OtherUse-After-Free

Part 2: From Byovdll To Arbitrary Code Execution In Lsass

OtherUse-After-Free

Built with ❤️ by Shubham Rawat