writeups.xyz / CVE-2024-27292: docAssembling exploits for RCE

Submitter : c2a

Date: 1 July 2024

Bounty : undisclosed

Vulnerabilities :

• RCE
• SSTI
• Path Traversal
• Privilege Escalation

Programs :

• Docassemble

Authors :

• Riyush Ghimire

Link :
https://tantosec.com/blog/docassemble/