Back to directory
WRITEUP #778

Remote Code Execution in Tutanota Desktop due to Code Flaw

XSSCSP bypassParsing issueElectronRCESecurity code review
byPaul Gerste
Program
Tutanota
Published
Sep 20, 2023
Added to HackDex
Sep 22, 2023
Read Full Writeuphttps://www.sonarsource.com/blog/remote-code-execution-in-tutanota-desktop-due-to-code-flaw/
RELATED WRITEUPS
Studying 0days: How we hacked Anki, the world's most popular flashcard app
RCEComponents with known vulnerabilities
We hacked Anki - 0 day exploit from studying someone elses flashcards
RCEComponents with known vulnerabilities
Evernote RCE: From PDF.js font-injection to All-platform Electron exposed ipcRenderer with listened BrokerBridge Remote-Code Execution
RCEXSS
Getting code execution on Veeam through CVE-2023-27532
RCEInsecure deserialization
Spip Preauth RCE 2024: Part 2, A Big Upload
RCEFile upload

Built with ❤️ by Shubham Rawat