module
Kong Gateway Admin API Remote Code Execution
| Disclosed |
|---|
| Oct 13, 2020 |
Disclosed
Oct 13, 2020
Description
This module uses the Kong admin API to create a route and a serverless function plugin that is associated with
the route. The plugin runs Lua code and is used to run a system command using os.execute(). After execution the
route is deleted, which also deletes the plugin.
the route. The plugin runs Lua code and is used to run a system command using os.execute(). After execution the
route is deleted, which also deletes the plugin.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.