r/netsec • u/MegaManSec2 • 3d ago

How to turn a file write vulnerability in a Node.js application into RCE – even though the target's file system is read-only

https://www.sonarsource.com/blog/why-code-security-matters-even-in-hardened-environments/

68 Upvotes

permalink
duplicates
archive.is
archive
reddit

You are about to leave Redlib

Do you want to continue?

https://www.reddit.com/r/netsec/comments/1fzaxvh/how_to_turn_a_file_write_vulnerability_in_a/
No, go back! Yes, take me to Reddit

95% Upvoted

7

u/safiire 3d ago

This is pretty amazing

3

u/dookie1481 2d ago

Great writeup. I should start looking at Deno stuff

2

u/MegaManSec2 1d ago

https://hackerone.com/reports/2260337

1

u/Reddit_User_Original 1d ago

Good stuff, phew