Back to directory

WRITEUP #418

MeshCentral Cross-Site Websocket Hijacking Vulnerability (CVE-2024-26135)

OtherCross-Site WebSocket Hijacking (CSWH)

byAdam Crosser

Program

MeshCentral

Published

Feb 28, 2024

Added to HackDex

Jul 30, 2024

Read Full Writeuphttps://www.praetorian.com/blog/meshcentral-cross-site-websocket-hijacking-vulnerability/

▸ RELATED WRITEUPS

Data Theft in Salesforce: Manipulating Public Links

OtherSOQL injection

When Certificates Fail: A Story of Bypassed MFA in Remote Access

Other2FA / MFA bypass

SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuff

Ghost In The Ppl Part 1: Byovdll

OtherUse-After-Free

Part 2: From Byovdll To Arbitrary Code Execution In Lsass

OtherUse-After-Free

Built with ❤️ by Shubham Rawat