Remote code execution in cdnjs of Cloudflare by @ryotkak | PT SWARM

A path traversal during archive extraction in Cloudflare's cdnjs library update server could be used to execute arbitrary commands. As a result, cdnjs could be completely compromised, affecting around 12.7% of all websites on the internet once caches expire.

Contents:
• Preface
• TL;DR
• About cdnjs
• Reason for investigation
• Initial investigation
• Investigation of automatic update
• Path traversal
• Demonstration of vulnerability
• Incident
• Determinate impact
• Conclusion
• Timeline

https://blog.ryotak.me/post/cdnjs-remote-code-execution-en/