50 Shades of SolarWinds Orion Deserialization (Part 1: CVE-2021-35215)

  • CVE-2021-35215: SolarWinds Orion Platform ActionPluginBaseView Deserialization of Untrusted Data RCE Vulnerability
  • CVE-2021-35216: Patch Manager Orion Platform Module: Edit Research Controls Deserialization of Untrusted Data Remote Code Execution Vulnerability
  • CVE-2021-35217: Patch Manager Orion Platform Module: WSAsyncExecuteTasks Deserialization of Untrusted Data Remote Code Execution Vulnerability
  • CVE-2021-35218: Patch Manager Orion Platform Module: Chart Endpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability => (this bug is actually a Pre-Auth RCE)
  • The source is a setter method
  • Inherits from the System.Web.UI.Control class
  • The sink can be RCE or some kind of file write

Jang
