Remote Code Execution (RCE)¶

It is a type of security vulnerability where an attacker can remotely execute arbitrary code on a target server or system. This typically happens due to improper input validation, insecure deserialization, vulnerable eval-like functions, or unsafe file handling.

<?php

    // direct execution of the incoming
    shell_exec($_GET['shell']);

?>

Documentation

See also RCE via a malicious SVG in mPDF.

Related : Vulnerability, Local File Inclusion, Execution, php://filter, Static Application Security Testing (SAST), Shell Exec

Remote Code Execution (RCE)¶

Navigation

Related Topics