Tag

Archivebox

1 brief RSS

ArchiveBox RCE via Unvalidated Configuration Overrides

ArchiveBox versions 0.8.6rc0 and earlier are vulnerable to remote code execution (RCE) due to unvalidated configuration overrides in the AddView (/add/ endpoint) allowing arbitrary command execution.

archivebox rce vulnerability

2r 1t Jan 9, 2024