Remote Code Execution

⚔️ Attack Types Related 19
slug: rce

Explanation

RCE (Remote Code Execution) は「攻撃者が遠隔から、サーバー上で任意のプログラムを実行できる」最も深刻な脆弱性です。 これが成立すると、サーバー全体が乗っ取られ、データ全削除・暗号通貨マイニング・ランサムウェア感染・他社攻撃の踏み台化など何でもされます。 セキュリティ業界では「最悪レベル」「最優先で塞ぐべき」と扱われます。
📌 Example
Log4Shell (CVE-2021-44228), Heartbleed (CVE-2014-0160) の後継 OpenSSL系, MOVEit Transfer (CVE-2023-34362) など。被害規模は数千億円〜兆円単位。

🔖 Related tags

🛡 Vulnerabilities tagged with this 1,234

ID Title
CVE-2017-11386 SQL Injection in sqli (CVE-2017-11386)
CVE-2017-11388 SQL Injection in csharp (CVE-2017-11388)
CVE-2017-11389 Path Traversal in path-traversal (CVE-2017-11389)
CVE-2017-8663 Buffer Overflow in microsoft (CVE-2017-8663)
CVE-2017-9521 Vulnerability in cisco (CVE-2017-9521)
CVE-2016-10402 Buffer Overflow in avira (CVE-2016-10402)
CVE-2017-6753 A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected br...
CVE-2015-1332 The oxide::JavaScriptDialogManager function in oxide-qt before 1.9.1 as packaged in Ubuntu 15.04 and Ubuntu 14.04 allows remote attackers to cause a denial of service (application crash) or execute ar...
CVE-2015-2280 snwrite.cgi in AirLink101 SkyIPCam1620W Wireless N MPEG4 3GPP network camera with firmware FW_AIC1620W_1.1.0-12_20120709_r1192.pck allows remote authenticated users to execute arbitrary OS commands vi...
CVE-2017-7480 Vulnerability in rootkit-hunter-project (CVE-2017-7480)
CVE-2017-1373 Reports executed in the IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 contains a vulnerability that could allow an authenticated user to execute a report they do not have access to. IBM X-Force I...
CVE-2015-3638 phpMyBackupPro before 2.5 does not validate integer input, which allows remote authenticated users to execute arbitrary PHP code by injecting scripts via the path, filename, and period parameters to s...
CVE-2017-11495 Vulnerability in phicomm (CVE-2017-11495)
CVE-2017-9785 Unsafe Deserialization in csrf (CVE-2017-9785)
CVE-2017-9639 Buffer Overflow in fujielectric (CVE-2017-9639)
CVE-2017-2345 Vulnerability in dos (CVE-2017-2345)
CVE-2017-1000081 Unrestricted File Upload in onosproject (CVE-2017-1000081)
CVE-2017-1000034 Unsafe Deserialization in deserialization (CVE-2017-1000034)
CVE-2017-1000062 Path Traversal in path-traversal (CVE-2017-1000062)
CVE-2017-0152 Buffer Overflow in microsoft (CVE-2017-0152)
CVE-2017-0028 Buffer Overflow in microsoft (CVE-2017-0028)
CVE-2017-8617 Buffer Overflow in microsoft (CVE-2017-8617)
CVE-2017-8619 Buffer Overflow in microsoft (CVE-2017-8619)
CVE-2017-8565 Vulnerability in microsoft (CVE-2017-8565)
CVE-2017-8584 Vulnerability in microsoft (CVE-2017-8584)
CVE-2017-8588 Vulnerability in microsoft (CVE-2017-8588)
CVE-2017-8589 Vulnerability in microsoft (CVE-2017-8589)
CVE-2017-0243 Buffer Overflow in c (CVE-2017-0243)
CVE-2017-8463 Vulnerability in microsoft (CVE-2017-8463)
CVE-2017-8501 Buffer Overflow in microsoft (CVE-2017-8501)

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →