bug-bounty622
facebook479
xss316
google174
microsoft120
rce102
apple72
csrf60
web355
account-takeover53
writeup51
exploit43
sqli41
dos36
ssrf34
cve33
cloudflare32
privilege-escalation29
defi28
malware27
node26
smart-contract-vulnerability25
idor25
subdomain-takeover24
clickjacking23
smart-contract23
ethereum23
access-control21
react21
vulnerability-disclosure21
reverse-engineering20
auth-bypass19
aws19
remote-code-execution18
lfi18
cloud17
docker17
cors17
oauth17
supply-chain17
race-condition17
info-disclosure16
browser14
authentication-bypass14
solidity14
phishing14
denial-of-service11
sql-injection11
delegatecall11
wordpress10
0
vulnerability
Research demonstrating a complete RCE attack chain on DeskPro helpdesk software through multiple chained vulnerabilities: insufficient API access control (leaking JWT secrets and admin config), and insecure deserialization in the template editor. The exploit was demonstrated against Bitdefender's support center, achieving remote code execution from an unauthenticated user registration.
rce
remote-code-execution
helpdesk
deskpro
access-control
insufficient-access-control
api-vulnerability
insecure-deserialization
privilege-escalation
jwt
authentication-bypass
template-injection
twig
php-deserialization
pop-gadgets
credential-exposure
email-credentials
ticket-system
on-premise
self-hosted
CVE-2020-11465
CVE-2020-11463
CVE-2020-11466
CVE-2020-11464
CVE-2020-11467
DeskPro
Bitdefender
osTicket
Kayako
PHP Live!
Freelancer Inc
Redforce Web Security