Back to directory

WRITEUP #60

Hidden in Plain Sight: Uncovering RCE on a Forgotten Axis2 Instance

RCEDefault credentialsAxis2

byDomenico Veneziano

Program

-

Published

Aug 23, 2024

Added to HackDex

Aug 26, 2024

Read Full Writeuphttps://medium.com/@domenicoveneziano/hidden-in-plain-sight-uncovering-rce-on-a-forgotten-axis2-instance-86ddc91f1415

▸ RELATED WRITEUPS

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package

RCEDependency confusion

Attacking PowerShell CLIXML Deserialization

DeserializationInsecure deserialization

Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS

RCEArbitrary file write

We Spent $20 To Achieve RCE And Accidentally Became The Admins Of .MOBI

Built with ❤️ by Shubham Rawat