Blog

• The SecOps Group
• 10 May 2022

Anatomy Of A File Upload Attack

TL;DR

1. File upload allows you to upload a ZIP file and extract its contents online.
2. Upload a ZIP file with a malicious symlink and extract arbitrary files from the server.
3. Pr0fit.

Recently our team discovered a vulnerabil...

• The SecOps Group
• 10 May 2022

An Empirical Analysis Of Apache Server 2.4.49 And 2.4.50 File Path Traversal And Remote Code Execution Vulnerabilities

In this blog post, Udit Bhadauria discussed about the latest Apache Server vulnerability. This blog post describes the vulnerability details, minimum requirements, affected versions, vulnerability detection, chaining vulnerability with Remote Code Execution and recommendation. Let&rsquo...