RCE on TikTok Ads Portal
Critical
T
TikTok
Submitted None
Team Summary
Official summary from TikTok
The video upload endpoint on the TikTok Ads portal was potentially susceptible to remote code execution (RCE) due to a ffmpeg misconfiguration. We thank @ bubbounty for reporting this to our team and confirming the resolution.
Actions:
Reported by
freesec
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Code Injection