Precios Enterprise

CVE-2021-28254

9.8CRITICAL

A deserialization vulnerability in the destruct() function of Laravel v8.5.9 allows attackers to execute arbitrary commands.

Publicado: 4/19/2023Actualizado: 3/5/2025

Ver en NVD Ver en MITRE

Descripción

A deserialization vulnerability in the destruct() function of Laravel v8.5.9 allows attackers to execute arbitrary commands.

Análisis IAImpulsado por IA

Productos Afectados

laravellaravel

8.5.9

Referencias

https://s1mple-top.github.io/2021/03/09/Laravel8-new-pop-chain-mining-process/
ExploitThird Party Advisory
https://s1mple-top.github.io/2021/03/09/Laravel8-new-pop-chain-mining-process/
ExploitThird Party Advisory