Summary

In this post, we will analyze an automated exploit targeting vulnerable webpack-dev-middleware package. The specific vulnerability being targeted is a path traversal and the exploit pulls the user-supplied file from the target machine (provided that it exists).

general

Description