tags:ghostscriptpath_traversalsbx original link: CVE-2024-29511: Abusing Ghostscript’s OCR device newsletter link: exploits.club Weekly Newsletter 29


Exploits Club Summary:

@SinSinology looked like 1991-1993 Chicago Bulls, going back-to-back-to-back on WhatsUp Gold this week. The Michael Jordan of embarrassing Progress demonstrated 2 different path traversals, both of which he was able to turn into Pre-Auth RCEs. Then, to add insult to injury, he was able to demonstrate a PrivEsc simply by…overwriting the administrator’s password via an endpoint exposed to unauthenticated users. We have included a few of his write-ups in the past, and these follow a very similar pattern - tracing from attacker controlled data down the call stack to the vulnerability.


backlink: CVE-2024-29510 – Exploiting Ghostscript using format strings