CVE-2021-28254
9.8CRITICALA deserialization vulnerability in the destruct() function of Laravel v8.5.9 allows attackers to execute arbitrary commands.
Veröffentlicht: 4/19/2023Aktualisiert: 3/5/2025
Beschreibung
A deserialization vulnerability in the destruct() function of Laravel v8.5.9 allows attackers to execute arbitrary commands.
KI-AnalyseKI-gestützt
Betroffene Produkte
laravellaravel
8.5.9
Referenzen
- https://s1mple-top.github.io/2021/03/09/Laravel8-new-pop-chain-mining-process/ExploitThird Party Advisory
- https://s1mple-top.github.io/2021/03/09/Laravel8-new-pop-chain-mining-process/ExploitThird Party Advisory