Remote command execution (RCE) vulnerability on a DoD website
Critical
U
U.S. Dept Of Defense
Submitted None
Team Summary
Official summary from U.S. Dept Of Defense
A remote command execution (RCE) vulnerability was found on a DoD website which could have enabled an attacker to execute remote commands on the web server. @japp1 was able to demonstrate this vulnerability by crafting a specially formatted URL. Thanks @japp1!
Actions:
Reported by
japp1
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Code Injection