writeups.xyz / Cloudflare Pages, part 1: The fellowship of the secret

Submitter : c2a

Date: 6 May 2022

Bounty : undisclosed

Vulnerabilities :

• Command Injection
• Container Escape
• Bash Path Injection
• RCE
• Local Privilege Escalation
• Information Disclosure

Programs :

• Cloudflare

Authors :

• Sean Yeoh (@Seanyeoh)
• James Hebden (@Devec0)

Link :
https://www.assetnote.io/resources/research/cloudflare-pages-part-1-the-fellowship-of-the-secret