BoardLight from HackTheBox
This box involves exploiting Dolibarr 17.0.0 for remote code execution (RCE) as an authenticated user, gaining access as the www-data user. By understanding the exploit and examining the configuration files, credentials can be found to escalate privileges to user. Additionally, the system is vulnerable to CVE-2022-37706, which allows…