writeups.xyz / [2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package

Submitter : c2a

Date: 18 September 2024

Bounty : 2,500

Vulnerabilities :

• RCE
• Dependency Confusion

Programs :

• Undisclosed

Authors :

• Fuleki Ioan

Link :
https://medium.com/@p0lyxena/2-500-bug-bounty-write-up-remote-code-execution-rce-via-unclaimed-node-package-6b9108d10643