The five most common web application exploits include: remote code execution, SQL injection, format string vulnerabilities, XSS, and username enumeration. We have covered some of these attacks in earlier chapters. We will now go into more detail about how these attacks function.
Remote code execution is an extremely effective attack that hackers use to gain illegal control of devices. A good example is a vulnerability found within the Simple Network Management Protocol (SNMP) using Cisco Adaptive Security Appliance (ASA) software. This vulnerability allows a hacker to execute remote code on a victim's device. According to the Cisco Security Center, this vulnerability is caused by a buffer overflow in the affected ...