Back to directory

WRITEUP #3630

Diving into Dependabot along with a bug in npm

SSRFRCE

by@tyage(tyage)

Bounty

8,117

Program

GitHub

Published

Jun 27, 2021

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://blog.tyage.net/posts/2021-06-27-dependabot-rce/

▸ RELATED WRITEUPS

Vulnerabilities in Homepage Dashboard

Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!

RCEConfusion attack

Shelltorch Explained: Multiple Vulnerabilities in Pytorch Model Server (Torchserve) (CVSS 9.9, CVSS 9.8) Walkthrough

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package

RCEDependency confusion

Built with ❤️ by Shubham Rawat