AtakanBal
15 days agoBronze III
dotCMS Remote Code Execution (CVE-2022-26352)
Hi all, I completed all steps and got RCE, I thought I found the password but lab says its not valid. Please check the screenshots. Is it a lab error or..?
Thanks in advance
Hey AtakanBal
I can share some guidance from our internal lab guide if this helps you at all? Have you tried running the 'env' command in the webshell? The answer should be within the DB_PASSWORD variable.
Does that help at all?