Back to directory
WRITEUP #6324

Airbnb – Ruby on Rails String Interpolation led to Remote Code Execution

RCE
by@bbuerhaus(Brett Buerhaus)
Program
Airbnb
Published
Mar 13, 2017
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://buer.haus/2017/03/13/airbnb-ruby-on-rails-string-interpolation-led-to-remote-code-execution/
RELATED WRITEUPS
Vulnerabilities in Open Source C2 Frameworks
RCEOS command injection
[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package
RCEDependency confusion
Attacking PowerShell CLIXML Deserialization
DeserializationInsecure deserialization
Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS
RCEArbitrary file write
We Spent $20 To Achieve RCE And Accidentally Became The Admins Of .MOBI
RCETLD hacking

Built with ❤️ by Shubham Rawat