AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Exiftool vulnerability2/20/2023 Since the server decodes the URL from the requests, it may restrict the access to some URL paths by validating and filtering out the URL requests it received. This is often referred as escaped ending or percent-encoding. For instance US-ASCII space character would be represented with %20. Special characters are represented using a percentage character followed by two digits representing the octet code of the original character (%HEX-CODE). A URL may contain special character that need special syntax handling in order to be interpreted. An attacker can take advantage of the multiple ways of encoding a URL and abuse the interpretation of the URL. This attack targets the encoding of the URL combined with the encoding of the slash characters.
0 Comments
Read More
Leave a Reply. |