■■■■■ Zero-Day: A critical remote code execution (RCE) flaw discovered impacting multiple services related to Microsoft Azure could be exploited by a malicious actor to completely take control of a targeted application.
The vulnerability is achieved through CSRF (cross-site request forgery) on the ubiquitous SCM service Kudu.
https://thehackernews.com/2023/01/new-microsoft-azure-vulnerability.html
https://t.me/cKure/12076