Cyber Legion: Your Partner in Trusted Business Security

a hand holding a gear wheel and a hand holding a wrench

Our offerings leverage advanced technology and expert knowledge to ensure your business and products are secure against evolving cyber threats while maintaining compliance.

Product Security

We Enhance Your Product Security to Ensure Business Continuity

Consultancy and Advisory

Your Partner in Cyber Resilience — Trusted Remote Security Consultants
See Pricing

Froxlor 2.0.6 Remote Command Execution

Froxlor versions 2.0.6 and below suffer from a bug that allows authenticated users to change the application logs path to any directory on the OS level which the user www-data can write without restrictions from the backend which leads to writing a malicious Twig template that the application will render. That leads to remote command execution under the user www-data.   Exploit Files ≈ Packet Storm 


More To Explore