Цены Enterprise

CVE-2021-28254

9.8CRITICAL

A deserialization vulnerability in the destruct() function of Laravel v8.5.9 allows attackers to execute arbitrary commands.

Опубликовано: 4/19/2023Обновлено: 3/5/2025

Посмотреть на NVD Посмотреть на MITRE

Описание

A deserialization vulnerability in the destruct() function of Laravel v8.5.9 allows attackers to execute arbitrary commands.

ИИ-АнализНа базе ИИ

Затронутые продукты

laravellaravel

8.5.9

Ссылки

https://s1mple-top.github.io/2021/03/09/Laravel8-new-pop-chain-mining-process/
ExploitThird Party Advisory
https://s1mple-top.github.io/2021/03/09/Laravel8-new-pop-chain-mining-process/
ExploitThird Party Advisory