HACKTHEBOX MEDIUM
Kasemsh 2026  ·  Mar 28, 2026

DevArea

DevArea is a Linux machine hosting several vulnerable services. Initial access starts with anonymous FTP, which exposes a JAR file built on a version of Apache CXF vulnerable to SSRF (CVE-2022-46364); the SSRF is used to read systemd service files that contain Hoverfly credentials. The Hoverfly instance is in turn vulnerable to a path traversal (CVE-2025-54123) that leads to remote code execution. Privilege escalation abuses a world-writable `/bin/bash` binary together with a passwordless sudo rule, which allows arbitrary commands to be run as root.
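The privilege-escalation step in the summary (a world-writable `/bin/bash` combined with a passwordless sudo rule) is a misconfiguration class worth checking for on any host, not just this box. The POSIX shell script below is an added audit example, not code from the writeup or from KasemSH: it lists the targets of `NOPASSWD` sudo rules, resolves each script target to its shebang interpreter, and reports any target or interpreter whose mode grants write access to everyone. It parses only a simplified subset of the sudoers grammar, the fixture it builds under a temporary directory (a fake `bash`, a fake `sh` and two scripts) is constructed for the demonstration, and the function names are this example's own. In real use, point `writable_sudo_targets` at `/etc/sudoers` and the files under `/etc/sudoers.d`.

```shell
#!/bin/sh
# Added audit example (not from the DevArea writeup): find sudo NOPASSWD
# targets whose executable, or whose script interpreter, is world-writable.
# Assumes a simplified sudoers syntax:
#   user HOST=(RUNAS) NOPASSWD: /path/cmd [args], /path/cmd2 ...
# Uses only POSIX tools so it can be dropped onto a minimal box.

# Print each command path listed after NOPASSWD: in a sudoers-format file.
nopasswd_targets() {
    grep -v '^[[:space:]]*#' "$1" | grep 'NOPASSWD:' \
      | sed 's/.*NOPASSWD:[[:space:]]*//' \
      | tr ',' '\n' | awk 'NF { print $1 }'
}

# Resolve the executable sudo will actually load: the file itself for a
# binary, or the shebang interpreter for a script (e.g. "#!/bin/bash -e").
effective_binary() {
    if [ "$(head -n 1 "$1" | cut -c1-2)" = "#!" ]; then
        head -n 1 "$1" | sed 's/^#![[:space:]]*//' | awk '{ print $1 }'
    else
        printf '%s\n' "$1"
    fi
}

# True when the "other" write bit is set. Mode bits are checked instead of
# test -w, because -w is always true for root and for the file's owner.
# -L follows symlinks so /bin/sh -> dash is judged by dash's mode.
world_writable() {
    [ "$(ls -ldL "$1" | cut -c9)" = "w" ]
}

# For every absolute NOPASSWD target, report the target or its interpreter
# when either is world-writable. "ALL" and command aliases are skipped.
writable_sudo_targets() {
    nopasswd_targets "$1" | while read -r cmd; do
        case "$cmd" in /*) ;; *) continue ;; esac
        [ -e "$cmd" ] || continue
        bin=$(effective_binary "$cmd")
        for p in "$cmd" "$bin"; do
            if [ -e "$p" ] && world_writable "$p"; then
                printf '%s -> %s world-writable\n' "$cmd" "$p"
            fi
        done
    done | sort -u
}

# Constructed fixture mirroring the writeup's scenario: a world-writable
# shell used as the interpreter of a script that sudo runs without a password.
build_fixture() {
    mkdir -p "$1/bin" "$1/opt"
    printf '#!/bin/sh\necho fake bash\n' > "$1/bin/bash"
    chmod 0777 "$1/bin/bash"                  # the misconfiguration
    printf '#!/bin/sh\necho fake sh\n' > "$1/bin/sh"
    chmod 0755 "$1/bin/sh"                    # a correctly protected interpreter
    printf '#!%s/bin/bash\necho backup\n' "$1" > "$1/opt/backup.sh"
    chmod 0755 "$1/opt/backup.sh"
    printf '#!%s/bin/sh\necho status\n' "$1" > "$1/opt/status.sh"
    chmod 0755 "$1/opt/status.sh"
    cat > "$1/sudoers" <<EOF
# constructed sudoers excerpt
dev ALL=(root) NOPASSWD: $1/opt/backup.sh, $1/opt/status.sh
dev ALL=(ALL) /usr/bin/apt
EOF
}

tmp=$(mktemp -d)
build_fixture "$tmp"
writable_sudo_targets "$tmp/sudoers"   # real use: writable_sudo_targets /etc/sudoers
rm -rf "$tmp"
```

Two design points matter here. Checking the mode bits rather than `test -w` avoids false positives when the audit runs as root (where `-w` is always true), and resolving the shebang is what catches the page's scenario: the sudo rule itself points at a harmless-looking script, and the writable file is the interpreter that script pulls in, which the rule never mentions.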

Category: hackthebox
Architecture: Linux
Protections:
Writeup by: @KasemSH
Protected Writeup