Lucene search

K
hackeroneCha5mH1:212985
HistoryMar 13, 2017 - 4:14 a.m.

U.S. Dept Of Defense: Remote code execution vulnerability on a DoD website

2017-03-1304:14:12
cha5m
hackerone.com
111

EPSS

0.975

Percentile

100.0%

A remote code execution (RCE) vulnerability was found on a DoD website which could have enabled an attacker to execute remote commands on the web server. Thank you @n0rb3r7 for notifying us of this vulnerability!
I was able to leverage a recent, well-known vulnerability to achieve arbitrary, remote command execution on a U.S. Department Of Defense server.