In Laravel Framework up to and including 5.5.40 and 5.6.x up to and including 5.6.29, remote code execution might occur as a result of an unserialize call on a potentially untrusted X-XSRF-TOKEN value. This involves the decrypt method in Illuminate/Encryption/Encrypter.php and PendingBroadcast in gadgetchains/Laravel/RCE/3/chain.php in phpggc. The attacker must know the application key, which normally would never occur, but could happen if the attacker previously had privileged access or successfully accomplished a previous attack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
laravel laravel |
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Infecting networks via years-old CVEs that should have been patched by now
Crooks are exploiting years-old vulnerabilities to deploy Androxgh0st malware and build a cloud-credential stealing botnet, according to the FBI and the Cybersecurity and Infrastructure Security Agency (CISA). In a joint warning issued on Tuesday, the US government agencies said the Python-scripted malware primarily targets .env files that contain user credentials for AWS, Microsoft Office 365, SendGrid, and Twilio. After scanning and exploiting these stolen credentials, Androxgh0st can also be ...