Overview
Explore a detailed analysis and exploit proof-of-concept development for CVE-2022-24086, a Magento Remote Code Execution vulnerability, in this DefCamp 2022 conference talk. Delve into the methodology used by Catalin Filip, a Security Researcher at Pentest-Tools.com, as he breaks down the vulnerability, demonstrates the exploit, and examines the filter function and method checking processes. Gain insights into using Burp Suite for vulnerability analysis and participate in a Q&A session to deepen your understanding of this critical security flaw in the Magento e-commerce platform.
Syllabus
Introduction
Demo
Filter function
Check for method
Burp
Questions
Taught by
DefCamp