Analyzing arbitrary file upload in Dasherr (CVE-2023-23607)

Analyzing arbitrary file upload in Dasherr (CVE-2023-23607)

CVEs

9.8 Critical Severity

Screenshots from the blog posts

images/clx5wziqy8nlh1hn7e1266bno.jpgimages/clx5wziqy8nlh1hn7e1266bno.jpg

Summary

In this post, we will perform the source code review of an open-source PHP application to detect an exploit of an arbitrary file upload vulnerability, eventually gaining a reverse shell on the target. We will conclude the analysis by checking the patches and making sense of them.

Description

@secatgourity

111 posts

Total vcoins

72.9K

Social media links

Comments (0)