On Tuesday in my CISA
advisory post on Substack, I included a down-the-rabbit-hole (DTRH) look at
the delay between the apparent 2019 discovery (per the CVE number - CVE-2019-6268)
of the path traversal vulnerability reported
by CISA on Tuesday and the publication of an exploit earlier this year. I
contacted Branko Milicevic, the researcher who originally identified the
vulnerability and published the exploit, to find out the classic ‘rest of the
story’.
For more details about that ‘rest of the story’, see my
article on CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/rabbit-hole-update
- subscription required.
Posts
No comments:
Post a Comment