WRITEUP #824

Apache Superset Part II: RCE, Credential Harvesting and More

RCE, Insecure deserialization, URL validation bypass, Broken authorization, Arbitrary file read, Insufficiently Protected Credentials, Default Flask Secret Key, Hardcoded credentials
by Naveen Sunkavally
Program: Apache Superset
Published: Sep 6, 2023
Added to HackDex: Sep 7, 2023
Read Full Writeup: https://www.horizon3.ai/apache-superset-part-ii-rce-credential-harvesting-and-more/
RELATED WRITEUPS
Attacking PowerShell CLIXML Deserialization
Deserialization, Insecure deserialization
Getting code execution on Veeam through CVE-2023-27532
RCE, Insecure deserialization
CVE-2024-45195: Apache OFBiz Unauthenticated Remote Code Execution (Fixed)
RCE, Forced browsing
Analysis of CVE-2024-43044 — From file read to RCE in Jenkins through agents
RCE, Arbitrary file read
From Limited file read to full access on Jenkins (CVE-2024-23897)
RCE, Arbitrary file read
