# CVE-2022-36067-MASS-RCE
vm2 sandbox remote code execution [mass adding] [payload send for botnets]

"A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox,"

The issue, tracked as CVE-2022-36067 and codenamed Sandbreak, carries a maximum severity rating of 10 on the CVSS vulnerability scoring system. It has been addressed in version 3.9.11 released on August 28, 2022.

vm2 is a popular Node library that's used to run untrusted code with allowlisted built-in modules. It's also one of the most widely downloaded software, accounting for nearly 3.5 million downloads per week.

this donwlaod comes with all infos and tutorials for sending payload inside the tutorial.txt, with big list of servers (mostly vulnerable)
and the python script with multi threading for mass and single adding purpose.
the download is available here: [https://satoshidisk(.)com/pay/CGgOpc](