📄 js2py 0.74 Automated Sandbox Escape / Code Execution

js2py version 0.74 automated sandbox escape and remote code execution exploit with a reverse shell. ============================================================================================================================================= | Title : js2py v0.74 Automated Sandbox Escape & Revers...

Linux Distros Unpatched Vulnerability : CVE-2024-28397

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in the component js2py.disablepyimport of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call. CVE-2024-28397 Note that...

Exploit for CVE-2024-28397

CVE-2024-28397-command-execution-poc This vulnerability arises...

Remote Code Execution (RCE)

js2py is vulnerable to Remote Code Execution RCE. The vulnerability is due to the js2py.disablepyimport function failing to prevent JS sandbox escape, which allows an attacker to send crafted API calls which results in arbitrary code execution...

UBUNTU-CVE-2024-28397

An issue in the component js2py.disablepyimport of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call...