Article List

GNUBoard5 RCE & MySQL Credential Leak

Thu Jan 17 2019 21:55:15 GMT+0900 (일본 표준시)

Table of Contents

What is GNUBoard?

GNUBoard is the most popular BBS board in South Korea.

I received $500 for RCE on Windows and $50 for MySQL password leak.


Crypto Exploit PoC:

RCE Exploit PoC:


Issues have been fixed by the vendor.

RCE Assigned KVE-2018-0441,0449 Crypto Assigned KVE-2018-0510

  • KVE is Korean-version of CVE