When Trust Fails - Unauthenticated RCE via API calls from CLI Binary

In one of my recent 3rd party security assessments the objective was to perform a security review on an application that is hosted internally in the clients network. The application is a file system data platform that specializes in high-performance, scalable storage solutions for enterprise applications. This application is used by organizations in a variety of industries, including finance, healthcare, and research, to store and analyze large amounts of data.

Read More