Lucene search

K
hackerone0daystoliveH1:212022
HistoryMar 09, 2017 - 5:59 p.m.

U.S. Dept Of Defense: Remote Code Execution (RCE) in a DoD website

2017-03-0917:59:08
0daystolive
hackerone.com
516

EPSS

0.975

Percentile

100.0%

A remote code execution (RCE) vulnerability was found on a DoD website which could have enabled an attacker to execute remote commands on the web server. @0daystolive and @dly were able to demonstrate this vulnerability by developing a custom script that caused the webserver to execute a benign command. This was a very clever demonstration. Thank you!