Back to directory

WRITEUP #845

Technical Details for CVE-2023-29301: Adobe ColdFusion Access Control Bypass for a CFAdmin Authentication Component

RCEBroken Access ControlBruteforceColdFusion

by@hoyahaxa(Brian)

Program

Adobe

Published

Aug 30, 2023

Added to HackDex

Sep 5, 2023

Read Full Writeuphttps://hoyahaxa.blogspot.com/2023/08/technical-details-for-cve-2023-29301.html

▸ RELATED WRITEUPS

Unlocking the Weak Spot: Exploiting Insecure Password Reset Tokens

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package

RCEDependency confusion

Attacking PowerShell CLIXML Deserialization

DeserializationInsecure deserialization

Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS

RCEArbitrary file write

Built with ❤️ by Shubham Rawat