Forum Discussion
dotCMS Remote Code Execution (CVE-2022-26352)
Hi all, I completed all steps and got RCE, I thought I found the password but lab says its not valid. Please check the screenshots. Is it a lab error or..?
Thanks in advance
Hey AtakanBal
I can share some guidance from our internal lab guide if this helps you at all? Have you tried running the 'env' command in the webshell? The answer should be within the DB_PASSWORD variable.
Does that help at all?
3 Replies
- ChrisKershaw
Community Support
Hey AtakanBal
I can share some guidance from our internal lab guide if this helps you at all? Have you tried running the 'env' command in the webshell? The answer should be within the DB_PASSWORD variable.
Does that help at all?- AtakanBal
Bronze III
Ahh, Yes! Thank you.
- TillyCorless
Community Manager
Hi AtakanBal thanks for asking on the community. I'll check this with the lab author and get back to you!