Fysac

@fysac@infosec.exchange
16 Followers
33 Following
12 Posts
Vulnerability research, exploit dev, and reverse engineering
https://fysac.github.io

Exploit demo for CVE-2024-51317, a use-after-free in the #NetSurf web browser enabling arbitrary code execution when JavaScript is enabled. Target is NetSurf 3.11 on Ubuntu 22.04.

Patched in upstream source code, still making its way to distro packages. To mitigate, disable JS (off by default).

A hyper-logical Halloween
#programming
IFLScience.com
Today I am publishing the technical details of CVE-2024-44625, an unpatched RCE vulnerability in Gogs: https://fysac.github.io/posts/2024/11/unpatched-remote-code-execution-in-gogs/
Unpatched Remote Code Execution in Gogs

The Gogs self-hosted Git service is vulnerable to symbolic link path traversal that enables remote code execution (CVE-2024-44625). The latest version at the time of writing (0.13.0) is affected. This vulnerability is exploitable against a default install, with the only attacker requirement being access to an account that can push to a repository and edit that repository’s files from the web interface. Per Gogs’ SECURITY.md, I reported this issue to the maintainers as a GitHub advisory on August 10, 2024.

Vulnerability research and more

Nice write-up for CVE-2020-27861 from @hypr (I found the vuln): https://blog.coffinsec.com/research/2022/07/02/orbi-nday-exploit-cve-2020-27861.html

My exploit was different, but I liked this approach to getting around the *really annoying* constraints, too.

nday exploit: netgear orbi unauthenticated command injection (CVE-2020-27861)

Rediscovering and developing a weaponized exploit for a command injection vulnerability in Orbi Wi-Fi systems that was reported and patched last year.

hyprblog
Yellow, world.