unauthenticated-access

3 articles
Sort: New Top Best
clear filter
bug-bounty622 facebook479 xss316 google174 microsoft120 rce102 apple72 csrf60 web355 account-takeover53 writeup51 exploit43 sqli41 dos36 ssrf34 cve33 cloudflare32 privilege-escalation29 defi28 malware27 node26 smart-contract-vulnerability25 idor25 subdomain-takeover24 clickjacking23 smart-contract23 ethereum23 access-control21 react21 vulnerability-disclosure21 reverse-engineering20 auth-bypass19 aws19 remote-code-execution18 lfi18 cloud17 docker17 cors17 oauth17 supply-chain17 race-condition17 info-disclosure16 browser14 authentication-bypass14 solidity14 phishing14 denial-of-service11 sql-injection11 delegatecall11 wordpress10
0
Used RCE as Root on marathon Instance
bug-bounty

A DevOps engineer discovered unauthenticated remote code execution as root on exposed Marathon instances by leveraging the task scheduling API to execute arbitrary commands. The vulnerability exploits the lack of authentication on Marathon's HTTP interface combined with the platform's ability to execute arbitrary bash commands through scheduled tasks.

rce remote-code-execution authentication-bypass marathon mesos container-orchestration dc-os unauthenticated-access api-abuse privilege-escalation shodan devops infrastructure
@omespino Marathon Mesos DC/OS Mesosphere Shodan
omespino.com · devanshbatham/Awesome-Bugbounty-Writeups · 4 hours ago · details
0
Microsoft RCE bugbounty
bug-bounty

A researcher discovered an unauthenticated Apache Solr instance running on a Microsoft subdomain vulnerable to CVE-2019-17558, exploitable via velocity template injection to achieve RCE. The attack requires modifying the params.Resource.Loader.Enabled configuration and then sending a malicious velocity template payload.

rce remote-code-execution apache-solr velocity-template-injection bug-bounty vulnerability misconfiguration unauthenticated-access post-exploitation recon
CVE-2019-17558 Microsoft Apache Solr tide90.microsoft.com Muhammad Khizer Javed
blog.securitybreached.org · devanshbatham/Awesome-Bugbounty-Writeups · 4 hours ago · details
0
RCE starwars
bug-bounty

A bug bounty researcher discovered RCE on an abandoned staging web service via an unauthenticated PUT HTTP method that allowed arbitrary file uploads, enabling PHP web shell deployment and subsequent internal network traversal with privilege escalation through credential reuse and weak security practices.

rce remote-code-execution http-put-method web-shell reverse-shell unauthenticated-access file-upload http-methods internal-network-traversal privilege-escalation network-reconnaissance subdomain-enumeration port-scanning php-webshell credential-reuse ssh-access hash-cracking vpn-certificate staging-environment
nmap ncat netcat PHP Python SSH RDP SMB DNS zone transfer
blog.zsec.uk · devanshbatham/Awesome-Bugbounty-Writeups · 4 hours ago · details