Pascom: The story of 3 bugs that lead to unauthed RCE.

Author: Daniel Eshetu

Date: 27/02/2022 19:24

TLDR:

A detailed post on how I chained 3 vulnerabilities (A path traversal, An SSRF in an external piece of software and a post-authentication RCE) into a full pre-auth RCE in Pascoms Cloud phone system.