cve/CVE-2018-1000500.md at 410e68ca9dddb67493d84ae4fe8e1a9e392594db

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 09:12:08 +00:00

0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024

2024-05-26 14:27:05 +02:00

Description

Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This attack appear to be exploitable via Simply download any file over HTTPS using "busybox wget https://compromised-domain.com/important-file".

POC

Reference

No PoCs from references.

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/alphaSeclab/sec-daily-2020

789 B Raw Blame History

CVE-2018-1000500

Description

POC

Reference

Github

789 B

Raw Blame History