Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://mastodon.social/users/campuscodi/statuses/112230060721197406">Catalin Cimpanu (campuscodi@mastodon.social)'s status on Sunday, 07-Apr-2024 22:31:37 JST</a><a href="https://mastodon.social/@campuscodi" title="campuscodi@mastodon.social"><img src="https://gnusocial.jp/avatar/22592-48-20221110145451.webp" width="48" height="48" alt="Catalin Cimpanu" style="position: absolute; left: 0; top: 0;">Catalin Cimpanu</a></section><article><p>"I discovered a pre-auth path traversal vulnerability in the Jasmin Ransomware web panel (CVE-2024-30851), allowing an attacker to deanonymize panel operators and dump decryption keys"</p><p><a href="https://github.com/chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc" rel="nofollow noreferrer">https://github.com/chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2908512#notice-5784419">In conversation</a><time datetime="2024-04-07T22:31:37+09:00" title="Sunday, 07-Apr-2024 22:31:37 JST">about 8 months ago</time> <span>from <span><a href="https://mastodon.social/@campuscodi/112230060721197406" rel="external" title="Sent from mastodon.social via ActivityPub">mastodon.social</a></span></span><a href="https://mastodon.social/@campuscodi/112230060721197406">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: opengraph.githubassets.com</div><h5><a href="https://github.com/chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc">GitHub - chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc: Jasmin ransomware web panel path traversal PoC</a></h5><div></div></header><div>Jasmin ransomware web panel path traversal PoC. Contribute to chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc development by creating an account on GitHub.</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Catalin Cimpanu (campuscodi@mastodon.social)'s status on Sunday, 07-Apr-2024 22:31:37 JST Catalin Cimpanu
"I discovered a pre-auth path traversal vulnerability in the Jasmin Ransomware web panel (CVE-2024-30851), allowing an attacker to deanonymize panel operators and dump decryption keys"
https://github.com/chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc
In conversationabout 8 months ago from mastodon.socialpermalink
Attachments
1. Domain not in remote thumbnail source whitelist: opengraph.githubassets.com
  GitHub - chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc: Jasmin ransomware web panel path traversal PoC
  Jasmin ransomware web panel path traversal PoC. Contribute to chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc development by creating an account on GitHub.

Public

Embed Notice

HTML Code

Corresponding Notice