rce
Safeguard articles tagged "rce" — guides, analysis, and best practices for software supply chain and application security.
80 articles
Apache Struts CVE-2023-50164: Critical File Upload RCE Echoes Equifax-Era Nightmares
A critical path traversal vulnerability in Apache Struts allowed RCE through file upload manipulation. The disclosure triggered flashbacks to the 2017 Equifax breach caused by a similar Struts flaw.
Deserialization Attacks in Java and Python
Insecure deserialization turns data parsing into code execution. This guide covers deserialization attacks in Java and Python, the gadget chain concept, and practical defenses for both ecosystems.
PaperCut CVE-2023-27350: When Print Management Software Becomes a Ransomware Gateway
CVE-2023-27350 in PaperCut NG/MF allowed unauthenticated RCE through the print management server. Cl0p and LockBit ransomware groups jumped on it within days.
GitLab Critical RCE (CVE-2022-2884): Remote Code Execution via GitHub Import
A critical vulnerability in GitLab's GitHub import feature allowed authenticated attackers to execute arbitrary code on the server. The flaw highlighted risks in platform migration features.
VMware Workspace ONE CVE-2022-22954: Server-Side Template Injection Goes Enterprise
CVE-2022-22954 in VMware Workspace ONE Access allowed unauthenticated RCE via server-side template injection. Attackers used it to deploy cryptominers and backdoors.
Spring4Shell (CVE-2022-22965): Remote Code Execution in Spring Framework
A critical RCE in Spring Framework sent Java teams scrambling. While less catastrophic than Log4Shell, Spring4Shell exposed dangerous assumptions about ClassLoader access in Java web applications.
Apache HTTP Server CVE-2021-41773: A Path Traversal Bug That Should Have Been Caught in Code Review
CVE-2021-41773 allowed path traversal and RCE on Apache HTTP Server 2.4.49. The fix was incomplete, leading to CVE-2021-42013 days later. A lesson in patching under pressure.
ProxyShell: The Microsoft Exchange Exploit Chain That Wouldn't Stop
ProxyShell chained three Exchange vulnerabilities for unauthenticated remote code execution. Months after patches were available, thousands of servers remained exposed.