Exploitable PoC Released for CVE-2024-38077: 0-Click RCE Threatens All Windows Servers
Security researchers have detailed and published a PoC exploit code for a critical vulnerability, designated as CVE-2024-38077 (CVSS 9.8)
Qlik Sense Remote Code Execution Technical Exploitation -
Deep technical details of how we combined HTTP request tunneling and path traversal vulnerabilities to permit unauthorized RCE in Qlik Sense.