料金エンタープライズ

CVE-2021-28254

9.8CRITICAL

A deserialization vulnerability in the destruct() function of Laravel v8.5.9 allows attackers to execute arbitrary commands.

公開日: 4/19/2023更新日: 3/5/2025

NVDで表示 MITREで表示

説明

A deserialization vulnerability in the destruct() function of Laravel v8.5.9 allows attackers to execute arbitrary commands.

AI分析AIによる分析

影響を受ける製品

laravellaravel

8.5.9

参照

https://s1mple-top.github.io/2021/03/09/Laravel8-new-pop-chain-mining-process/
ExploitThird Party Advisory
https://s1mple-top.github.io/2021/03/09/Laravel8-new-pop-chain-mining-process/
ExploitThird Party Advisory