Can an attacker execute arbitrary commands on a remote server just by sending JSON? Yes, if the running code contains unsafe deserialization vulnerabilities.
Source: Github
Execute commands by sending JSON? Learn how unsafe deserialization vulnerabilities work in Ruby projects
- Google fixes 2 Vertex AI flaws that could lead to privilege escalation, model leaks
- The Importance of Team Culture in Startups – Brian Carbaugh – FS #4
- Data breach exposes 122M records from DemandScience following initial denials
- Bitsight acquires threat intelligence provider Cybersixgill for $115M
- 122 million people’s business contact info leaked by data broker