Vulnerable to Log4j

Disclosed by
Ractiurd's avatar
Ractiurd
  • Engagement Undisclosed
  • Disclosed date over 2 years ago
  • Priority P1 Bugcrowd's VRT priority rating
  • Status Resolved This vulnerability has been accepted and fixed
Summary by Ractiurd

Everything based on recon and how I approached for the log4j.

Activity
  1. Akitsugu_Ito’s avatar
    Akitsugu_Ito Customer published the disclosure report

    ()

  2. Ractiurd’s avatar
    Ractiurd requested disclosure

    ()

  3. Akitsugu_Ito’s avatar
    Akitsugu_Ito Customer changed the state to Resolved

    ()

  4. Tal_Bugcrowd’s avatarbugcrowd logo
    Tal_Bugcrowd sent a message

    ()

  5. Tal_Bugcrowd’s avatarbugcrowd logo
    Tal_Bugcrowd marked the submission a duplicate of a previously submitted report

    ()

  6. Tal_Bugcrowd’s avatarbugcrowd logo
    Tal_Bugcrowd changed the state to Unresolved

    ()

  7. Tal_Bugcrowd’s avatarbugcrowd logo
    Tal_Bugcrowd updated VRT to Server-Side Injection > Remote Code Execution (RCE)

    ()

  8. Ractiurd’s avatar
    Ractiurd created the submission

    ()