CVE-2021-28254
9.8CRITICALA deserialization vulnerability in the destruct() function of Laravel v8.5.9 allows attackers to execute arbitrary commands.
게시됨: 4/19/2023업데이트됨: 3/5/2025
설명
A deserialization vulnerability in the destruct() function of Laravel v8.5.9 allows attackers to execute arbitrary commands.
AI 분석AI 기반
영향받는 제품
laravellaravel
8.5.9
참조
- https://s1mple-top.github.io/2021/03/09/Laravel8-new-pop-chain-mining-process/ExploitThird Party Advisory
- https://s1mple-top.github.io/2021/03/09/Laravel8-new-pop-chain-mining-process/ExploitThird Party Advisory