OpenConf 5.30 - Multi-Step Remote Command Execution
10 min read
17 Dec 2016
by
Johannes Dahse
Today, we present a multi-step command execution vulnerability in the popular conference management software OpenConf. The vulnerability was reported and fixed a while ago, but the chain of 4 exploitation steps involved makes it a very interesting vulnerability sample for our advent calendar. 4 - 3 - 2 - 1 …