RedPacket Security

InfoSec News & Tutorials

Uncategorized 

[RT-SA-2020-005] Arbitrary File Disclosure and Server-Side Request Forgery in BigBlueButton

admin , , , , , , , , ,
Click the icon to Follow me:- twitterTelegramRedditDiscord

Posted by RedTeam Pentesting GmbH on Oct 21

The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 6 cores and 12 processing threads bundled with the quiet AMD wraith stealth cooler max temps 95°C 4 2 G...
AMD Ryzen 5 3600 6-Core, 12-Thread Unlocked Desktop Processor with Wraith Stealth Cooler $199.99
The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 6 cores and 12 processing threads bundled with the quiet AMD wraith stealth cooler max temps 95°C 4 2 G... read more
(as of January 18, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 8 cores and 16 processing threads, bundled with the AMD Wraith Prism cooler with color controlled LED s...
AMD Ryzen 7 3700X 8-Core, 16-Thread Unlocked Desktop Processor with Wraith Prism LED Cooler $324.99
The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 8 cores and 16 processing threads, bundled with the AMD Wraith Prism cooler with color controlled LED s... read more
(as of January 18, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 12 cores and 24 processing threads, bundled with the AMD Wraith Prism cooler with color controlled LED ...
AMD Ryzen 9 3900X 12-core, 24-thread unlocked desktop processor with Wraith Prism LED Cooler
4.9 out of 5 stars (8730)
$499.00
The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 12 cores and 24 processing threads, bundled with the AMD Wraith Prism cooler with color controlled LED ... read more
(as of January 18, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)

Advisory: Arbitrary File Disclosure and Server-Side Request Forgery in BigBlueButton

RedTeam Pentesting discovered a vulnerability in the BigBlueButton web
conferencing system which allows participants of a conference with
permissions to upload presentations to read arbitrary files from the
file system and perform server-side requests. This leads to
administrative access to the BigBlueButton instance.

Details
=======

Product: BigBlueButton…

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

You may be interested in...

  • Cyber Bully
  • A Battle of Equals
  • Cyber Crime
  • Cyber War
  • The Fifth Domain: Defending Our Country, Our Companies, and Ourselves in the Age of Cyber Threats

    • Patreon

    Original Source

    You May Also Like

    ransom note

    Honda and Enel impacted by cyber attack suspected to be ransomware

    admin
    UPnP With a Holiday Cheer2

    UPnP With a Holiday Cheer

    admin
    qq

    Online Bidding-Themed Phishing Campaigns Aims to Trick U.S. Federal Government Contractors

    admin