Found 4 bookmarks
Newest
Two Bytes is Plenty: FortiGate RCE with CVE-2024-21762
Two Bytes is Plenty: FortiGate RCE with CVE-2024-21762
Early this February, Fortinet released an advisory for an "out-of-bounds write vulnerability" that could lead to remote code execution. The issue affected the SSL VPN component of their FortiGate network appliance and was potentially already being exploited in the wild. In this post we detail the steps we took to identify the patched vulnerability and produce a working exploit.
#assetnote#EN#2024#exploitation#patch-diff#FortiGate#RCE#CVE-2024-21762
·assetnote.io·
Two Bytes is Plenty: FortiGate RCE with CVE-2024-21762
Exploiting Static Site Generators: When Static Is Not Actually Static
Exploiting Static Site Generators: When Static Is Not Actually Static
Over the last ten years, we have seen the industrialization of the content management space. A decade ago, it felt like every individual and business had a dynamic WordPress blog, loaded up with a hundred plugins to do everything from add widgets to improve performance. Over time, we realised this was a bad idea, as ensuring the security of third-party plugins seemed increasingly impossible.
#assetnote#EN#2022#Static#hosting#comromise#Netlify
·blog.assetnote.io·
Exploiting Static Site Generators: When Static Is Not Actually Static
Exploiting Static Site Generators: When Static Is Not Actually Static
Exploiting Static Site Generators: When Static Is Not Actually Static
Over the last ten years, we have seen the industrialization of the content management space. A decade ago, it felt like every individual and business had a dynamic WordPress blog, loaded up with a hundred plugins to do everything from add widgets to improve performance. Over time, we realised this was a bad idea, as ensuring the security of third-party plugins seemed increasingly impossible.
#assetnote#EN#2022#Static#hosting#comromise#Netlify
·blog.assetnote.io·
Exploiting Static Site Generators: When Static Is Not Actually Static