From Limited file read to full access on Jenkins (CVE-2024-23897)

TL;DR: As a red teamer, you encountered a Jenkins instance that is vulnerable to CVE-2024-23897, which allowed for limited arbitrary file read. Without credentials and with the /script endpoint in...

Jul 2, 2024 crypto

From Code Analysis to RCE (CVE-2023-22953)

TL;DR: In this article, I detail my journey of discovering CVE-2023-22953 through a source code review process. I explain the steps involved, including taint analysis, manual code review, runtime ...

Mar 20, 2024 codereview

SysAid On-Premise 20.1.11 - Unauthenticated RCE

Introduction In 2020, I identified a vulnerability in the “SysAid Help Desk Software”. This security flaw was significant enough to be assigned the reference CVE-2020-10569. In this article, I’ll ...

May 22, 2020 cve-2020-10569