Skip to content

optionalCTF/Rocket.Chat-Automated-Account-Takeover-RCE-CVE-2021-22911

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
README.md
README.md
 
 
exploit.py
exploit.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

Rocket.Chat Automated Unauthenticated Account Takeover to RCE (CVE-2021-22911)

Full unauthenticated RCE proof of concept for Rocket.Chat 3.12.1 CVE-2021-22911

The original PoC created by Enox.

Currently this only works for accounts without 2FA. I will be adding 2FA bypasses shortly

Created by optional

About

Full unauthenticated RCE proof of concept for Rocket.Chat 3.12.1 CVE-2021-22911

Resources

Readme
Activity

Stars

9 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages