Command Injection | writeups.xyz

Title	Vulnerabilities	Programs	Authors
Git-Syncing into Trouble: Exploring Command Injection Flaws in Kubernetes	Command Injection	Kubernetes	Tomer Peled (@Tomerpeled92)
Can't Be Contained: Finding a Command Injection Vulnerability in Kubernetes	RCE Command Injection Security Code Review	Kubernetes	Tomer Peled (@Tomerpeled92)
Shambles: The Next-Generation IoT Reverse Engineering Tool to Discover 0-Day Vulnerabilities	IoT Buffer Overflow Command Injection Reverse Engineering	Undisclosed	Olivier Laflamme (@Olivier_boschko)
LogicalDOC Vulnerability Disclosure	XXE RCE Command Injection Privilege Escalation	LogicalDOC	Brett DeWall (@Xbadbiddyx) Michael Rand
The first step to PWN2OWN - A sad one	Command Injection	Netgear	Vương Quốc Huy
The Last Breath of Our Netgear RAX30 Bugs - A Tragic Tale before Pwn2Own Toronto 2022	Command Injection RCE Security Code Review	Netgear	Vu Thi Lan (@Lanleft_) Nguyễn Hoàng Thạch (@Hi_im_d4rkn3ss)
Pre-Auth RCE with CodeQL in Under 20 Minutes	Security Code Review RCE Command Injection Broken Authorization	PgAdmin	Florian Hauser (@Frycos)
Exploiting Distroless Images	Command Injection Arbitrary File Read Arbitrary File Write Container Escape	Google	Daniel Teixeira (@TheRedOperator)
Cloudflare Pages, part 1: The fellowship of the secret	Command Injection Container Escape Bash Path Injection RCE Local Privilege Escalation Information Disclosure	Cloudflare	Sean Yeoh (@Seanyeoh) James Hebden (@Devec0)
Blind Command Injection - It hurts	Command Injection RCE	Undisclosed	Jerry Shah (@Jerry)
An unknown Linux secret that turned SSRF to OS Command injection	SSRF Command Injection	Undisclosed	SecureITmania (@Secureitmania)
Pwning Avast Secure Browser for fun and profit	RCE Command Injection	Avast	Wladimir Palant (@WPalant)

Page 1 of 1