Back to directory

WRITEUP #2613

SynLapse – Technical Details for Critical Azure Synapse Vulnerability

RCECross-tenant vulnerabilityCloud

by@TzahPahima(Tzah Pahima)

Bounty

60,000

Program

Microsoft

Published

Jun 14, 2022

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://orca.security/resources/blog/synlapse-critical-azure-synapse-analytics-service-vulnerability/

▸ RELATED WRITEUPS

Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package

RCEDependency confusion

Attacking PowerShell CLIXML Deserialization

DeserializationInsecure deserialization

Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS

RCEArbitrary file write

Built with ❤️ by Shubham Rawat