A WSO2 Vulnerability is Fraught with Remote Code Execution

The products by WSO2, an open-source API, applications, and web services provider, have been attacked in the wild through the CVE-2022-29464 vulnerability detected back in April 2022. This vulnerability allows attackers to execute malicious code remotely via unhindered file uploading. The scheme of the attack begins with web shell installation through *.jsp or *.war files… Continue reading A WSO2 Vulnerability is Fraught with Remote Code Execution