Sept. 18, 2023, 1:20 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics

By Maciej Domanski, Travis Peters, and David Pokora

We identified 10 security vulnerabilities within the caddy-security plugin for the Caddy web server that could enable a variety of high-severity attacks in web applications, including client-side code execution, OAuth replay attacks, and unauthorized access to resources.

During our evaluation, Caddy was deployed as a reverse proxy to provide access to several of our internal services. We explored a plugin configuration that would allow us to handle authentication and authorization with our …

access applications attacks client client-side code code execution enable evaluation flaws high oauth plugin replay resources security security flaws server severity sso travis unauthorized access vulnerabilities web web applications web server

Business Information Security Officer

@ Metrolink | Los Angeles, CA

Senior Security Engineer

@ Freedom of the Press Foundation | Remote, 4 hour time zone overlap with New York City

Security Engineer

@ ChartMogul | Remote, EU

Malware Reverse Engineer

@ Two Six Technologies | Fort Meade, Maryland

SOC Analyst Level 3

@ OpenBet | Bengaluru, India

Course Developer, Network Security

@ Palo Alto Networks | Plano, TX, United States