| Title | Laravel5.1 Unserialize RCE |
|---|
| Description | Laravel has remote command execution, which can directly obtain system permissions, which is very harmful.
The impact of insecure deserialization can be severe, as it provides an entry point, resulting in a massive increase in the attack surface. It allows attackers to reuse existing application code in harmful ways, leading to many other vulnerabilities such as remote code execution.
Insecure deserialization can lead to privilege escalation, access to arbitrary files, and denial of service attacks even when remote code execution is not possible. |
|---|
| Source | ⚠️ https://github.com/beicheng-maker/vulns/issues/3 |
|---|
| User | cppuzhang (UID 31043) |
|---|
| Submission | 08/17/2022 07:14 (4 years ago) |
|---|
| Moderation | 08/18/2022 09:24 (1 day later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 206688 [Laravel 5.1 deserialization] |
|---|
| Points | 20 |
|---|