Vulnerabilities (Page 5)

XNU: NFSSVC root check bypass; use after free due to insufficient locking in upcall worker threads

This was a fun authorization check bypass because when checking if higher privileges were needed the flag value was checked for equality with the two privileged actions.Later on however, when deciding what handler to use to handle to request, it used a bitwise operation to check if the specific bit is set…


SSRF Cross Protocol Redirect Bypass

When using the ssrfFilter library in conjunction with the Request library in JavaScript there is a bug that can result in the SSRF filter being disabled.The way the anti-SSRF library, ssrfFilter works is that is creates its own object that cna be used in=place of Node’s default request agent for http/http requests…


EmojiDeploy: Smile! Your Azure Web Service Got RCE’d ._.

A few vulnerabilities in Azure Web Services via Kudu Git repo manager used for git deployments.Kudu exports a source control management (SCM) portal that can be accessed if you’re authenticated into the instance through Azure Active Directory (AAD), which allows you to manage your web app…