all InfoSec news
DoubleQlik: Bypassing the Fix for CVE-2023-41265 to Achieve Unauthenticated Remote Code Execution
Security Boulevard securityboulevard.com
Overview On August 29th, 2023, Qlik issued a patch for two vulnerabilities we identified in Qlik Sense Enterprise, CVE-2023-41265 and CVE-2023-41266. These vulnerabilities allowed for unauthenticated remote code execution via path traversal and HTTP request tunneling. As part of our standard operating procedure, we performed a diff of the issued patch to identify potential bypasses […]
The post DoubleQlik: Bypassing the Fix for CVE-2023-41265 to Achieve Unauthenticated Remote Code Execution appeared first on Praetorian.
The post DoubleQlik: Bypassing the …
application security august bypassing code code execution cve enterprise fix http labs patch path path traversal procedure qlik qlik sense remote code remote code execution request standard tunneling unauthenticated vulnerabilities vulnerability research