Preços Enterprise

CVE-2021-28254

9.8CRITICAL

A deserialization vulnerability in the destruct() function of Laravel v8.5.9 allows attackers to execute arbitrary commands.

Publicado: 4/19/2023Atualizado: 3/5/2025

Ver no NVD Ver no MITRE

Descrição

A deserialization vulnerability in the destruct() function of Laravel v8.5.9 allows attackers to execute arbitrary commands.

Análise IADesenvolvido por IA

Produtos Afetados

laravellaravel

8.5.9

Referências

https://s1mple-top.github.io/2021/03/09/Laravel8-new-pop-chain-mining-process/
ExploitThird Party Advisory
https://s1mple-top.github.io/2021/03/09/Laravel8-new-pop-chain-mining-process/
ExploitThird Party Advisory