CVE-2021-38112

Cloud Security - Attacks AWS Privilege Escalation to SYSTEM in AWS VPN Client rhinosecuritylabscom/aws/cve-2022-25165-aws-vpn-client/ AWS WorkSpaces Remote Code Execution rhinosecuritylabscom/aws/cve-2021-38112-aws-workspaces-rce/ Resource Injection in CloudFormation Templates rhinosecuritylabscom/aws/cloud-malware-cloudformation-injection/ Down

Cloud Security - Attacks AWS Privilege Escalation to SYSTEM in AWS VPN Client rhinosecuritylabscom/aws/cve-2022-25165-aws-vpn-client/ AWS WorkSpaces Remote Code Execution rhinosecuritylabscom/aws/cve-2021-38112-aws-workspaces-rce/ Resource Injection in CloudFormation Templates rhinosecuritylabscom/aws/cloud-malware-cloudformation-injection/ Down

Cloud Security - Attacks AWS Privilege Escalation to SYSTEM in AWS VPN Client rhinosecuritylabscom/aws/cve-2022-25165-aws-vpn-client/ AWS WorkSpaces Remote Code Execution rhinosecuritylabscom/aws/cve-2021-38112-aws-workspaces-rce/ Resource Injection in CloudFormation Templates rhinosecuritylabscom/aws/cloud-malware-cloudformation-injection/ Down

Cloud Service Provider security mistakes This page lists security mistakes by cloud service providers (AWS, GCP, and Azure) These are public mistakes on the cloud providers' side of the shared responsibility model This may be CVEs or bug bounties for issues in the services they run, but could also be in client software they provide, guidance they have given, failed audit

Rhino CVE Proof-of-Concept Exploits A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs CVE-2022-25372: Local Privilege Escalation In Pritunl VPN Client CVE-2022-25237: Authorization Bypass Leading to RCE in Bonitasoft Web CVE-2022-25166: AWS VPN Client Arbitrary File Write as SYSTEM CVE-2022-25165: AWS VPN Client Infor

Rhino CVE Proof-of-Concept Exploits A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs CVE-2022-25372: Local Privilege Escalation In Pritunl VPN Client CVE-2022-25237: Authorization Bypass Leading to RCE in Bonitasoft Web CVE-2022-25166: AWS VPN Client Arbitrary File Write as SYSTEM CVE-2022-25165: AWS VPN Client Infor

Rhino CVE Proof-of-Concept Exploits A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs CVE-2022-25372: Local Privilege Escalation In Pritunl VPN Client CVE-2022-25237: Authorization Bypass Leading to RCE in Bonitasoft Web CVE-2022-25166: AWS VPN Client Arbitrary File Write as SYSTEM CVE-2022-25165: AWS VPN Client Infor