Safeguard
Tag

remote-code-execution

Safeguard articles tagged "remote-code-execution" — guides, analysis, and best practices for software supply chain and application security.

55 articles

Vulnerability Analysis

What is Server-Side Template Injection (SSTI)

SSTI lets attackers turn untrusted input into executable template code, often leading to full remote code execution — here's how it works and how to stop it.

Mar 27, 20266 min read
Vulnerability Analysis

Fortinet CVE-2024-21762 Deep Dive: Why SSL-VPN Keeps Producing Critical CVEs

The February 2024 FortiOS SSL-VPN remote code execution vulnerability continues a pattern of high-impact CVEs in edge appliances. A technical retrospective and structural analysis.

Mar 18, 20265 min read
Vulnerability Analysis

What Was the Shellshock Vulnerability

Shellshock (CVE-2014-6271) let attackers run code on millions of Bash-based systems via a single crafted header. Here's the full breakdown and fix.

Feb 12, 20268 min read
Vulnerability Analysis

What is Spring4Shell

Spring4Shell (CVE-2022-22965) let attackers gain unauthenticated RCE on Java apps via Spring data binding. Here's the full breakdown and fix.

Feb 10, 20267 min read
Vulnerability Analysis

Spring4Shell (CVE-2022-22965): root cause and remote code...

Spring4Shell (CVE-2022-22965) let attackers manipulate Java class loaders via Spring data binding to achieve RCE on Tomcat-deployed apps. Root cause, timeline, and fixes.

Jan 22, 20269 min read
Vulnerability Analysis

Apache Struts2 RCE behind the Equifax breach (CVE-2017-5638)

CVE-2017-5638, the Apache Struts2 RCE behind the Equifax breach, exposed 147.9M records. Here's the flaw, timeline, and how to remediate it.

Jan 19, 20267 min read
Vulnerability Analysis

Spring4Shell RCE in Spring Framework (CVE-2022-22965)

A deep dive into CVE-2022-22965 (Spring4Shell): the critical Spring Framework RCE, its exploitation chain, timeline, and how to remediate it fast.

Jan 18, 20267 min read
Vulnerability Analysis

Struts2 OGNL injection RCE (CVE-2018-11776)

CVE-2018-11776 lets remote attackers achieve full RCE in Apache Struts2 via OGNL injection in URL namespaces. Impact, timeline, and fixes inside.

Jan 18, 20267 min read
Vulnerability Analysis

Ghostcat Apache Tomcat AJP file read/RCE (CVE-2020-1938)

CVE-2020-1938 'Ghostcat' exposes Apache Tomcat's AJP connector to file read and RCE. Here's the ghostcat tomcat AJP vulnerability impact and how to fix it.

Jan 17, 20267 min read
Vulnerability Analysis

PrintNightmare Windows Print Spooler RCE (CVE-2021-34527)

A critical Print Spooler flaw (CVE-2021-34527) enabled unauthenticated SYSTEM-level RCE on nearly every Windows host. Here's what happened and how to fix it.

Jan 17, 20268 min read
Vulnerability Analysis

OpenSSH forwarded ssh-agent RCE (CVE-2023-38408)

CVE-2023-38408 lets a malicious SSH server hijack a forwarded ssh-agent to run code on the client. Impact, affected versions, and fixes.

Jan 15, 20267 min read
Vulnerability Analysis

OpenSSH agent forwarding RCE (CVE-2016-10009)

A malicious or compromised SSH server could abuse forwarded ssh-agent connections to load arbitrary PKCS#11 modules and run code on the client.

Jan 15, 20267 min read
remote-code-execution (Page 2) — Safeguard Blog