Getting RCE in an AWS service (Amazon MWAA)

Amazon Managed Workflows for Apache Airflow (MWAA) is a managed service to run Apache Airflow on AWS without managing infrastructure. However, most installations are affected by CVE-2024-39877, an SSTI vulnerability which allows remote code execution.

Read More

RCE via malicious plugin in EMQX Dashboard

This is a malicious plugin for EMQX Dashboard which allows to execute commands remotely in versions below 5.8.6. Written in Erlang, it is based on one of the latest releases of the EMQX plugin template repository.

Read More


« Prev 1 2 3 4 5 6 7 8 9 10 11 12 Next »