FapsParty
LiveOverflow
LiveOverflow

patreon


Finding 0day in Apache APISIX During CTF (CVE-2022-24112)

In this video we perform a code audit of Api6 and discover a default configuration that can be escalated to remote code execution.


CVE-2022-24112: https://seclists.org/oss-sec/2022/q1/133

GitLab: https://liveoverflow.com/gitlab-11-4-7-remote-code-execution-real-world-ctf-2018/

Challenge files: https://github.com/chaitin/Real-World-CTF-4th-Challenge-Attachments/tree/master/API6

Finding 0day in Apache APISIX During CTF (CVE-2022-24112)

More Creators