I had totally missed this nasty bug when it came out earlier this year, and only became aware very recently after seeing this tweet on X. CVE-2024-25600 is an easy to exploit unauthenticated RCE that still affects installations of WordPress that have the Bricks Theme/Add-on installed with a version…
CVE-2023-42793 was a big hitting CVE found in JetBrains TeamCity versions below 2023.05.4. It caused mild panic for many businesses as it is a particularly nasty vulnerability that requires minimal effort to exploit. The vulnerability is an an authentication bypass that leads to remote command execution. It'…
This bug is an oldie, but one that is still about if you know where to look. It holds a special place in my heart as it was the first RCE I'd found on Synack, the fact it got rejected for being a duplicate doesn't matter!…
Earlier this year CVE-2024-23897 was disclosed, but I think I may have missed it during the new year and changing job. It was only when doing some hunting on Synack and doing some high level scanning that I found out about it, and when I had found it and tried…
Late last year this vulnerability lead to the compromise of several on-premise installs of Atlassian Confluence. CVE-2023-22515 is scarily simple to exploit and is the result of certain requests sent to the server being trusted if they contained a certain header. With this it was then possible to re-run part…
Earlier today I was tasked with trying to show how CVE-2024-2879 could be exploited, and this investigation lead to the following blog post being created at Security Blue Team. The CVE itself didn't have a PoC online that I could find, and though I did find snippets of…
If you've been around web application penetration testing, it's pretty likely you'll know or have heard about Adminer. Adminer is a very convenient and easy to use open-source database management tool, it allows an administrator to connect in to the specified DBMS, run queries…
After seeing the recent CVE-2024-20767 relating to Improper Access Control in Adobe ColdFusion, I wanted to better understand how it worked. From my experiences on Synack, ColdFusion is still pretty out there in the wild and often quite out of date. I was unable to find too much information on…