HackTheBox - Surveillance Writeup
Surveillance is a medium-difficulty Linux machine featuring Craft CMS [CVE-2023-41892] PHP object injection for initial access. Privilege escalation involves authenticated RCE in ZoneMinder and a sudo misconfiguration using LD_PRELOAD, leading to root access.
February 2, 2025 1 min read CVE-2023-41892 CVE-2023-26035 gobuster craftcms rce mysql crackstation linpeas chisel zoneminder dpkg check-installed