writeups.xyz / Unrestricted file upload in Rocket TRUfusion Enterprise <= 7.9.6.0

Submitter : c2a

Date: 30 November 2022

Bounty : undisclosed

Vulnerabilities :

• Unrestricted File Upload
• Security Code Review
• RCE

Programs :

• Rocket Software

Authors :

• Mehdi Elyassa
• Kevin Tellier

Link :
https://www.synacktiv.com/sites/default/files/2022-11/trufusion_enterprise_unauthenticated_arbitrary_file_write.pdf