MongoDB – Remote Code Execution by DatabaseSpraying

MongoDB
In last release 10gen chose to move to the V8 Javascript motor that sounds a very good idea. They also increased permeability in "$where" request to reduce impact of SSJI.

This time, the crash cannot be triggered from "$where" SSJI and don’t worry you need read-write access to a mongo database to reliably exploit it.

Tags: , , , , , ,