I used to write plugins for a vulnerability scanner for my job. Authenticated RCE or post-auth RCE was a common enough term. Just a vuln in an app after logging in.
-
-
Yup! Absolutely, this is also privilege escalation. Escalation all the way to code exec as system.
-
A big part of why I don't want to lose the RCE label is like
@Meatballs__ was saying: if it's marked LPE only, people won't think it's useful for lateral movement and gaining privs inside an org, which isn't true. - 3 more replies
New conversation -
-
-
I think the tricky point is the word "local" in LPE - since running code on another PC isn't really local (unless local == Domain).
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
