Baget Exploit 2021 -

) was the internal codename for a specific vulnerability found in a popular decentralized finance (DeFi) protocol’s yield-farming smart contract. The Discovery

This is the most significant exploit associated with the system. Attackers could bypass image upload filters to upload a malicious PHP file. Because the application did not adequately sanitize user-supplied input, an unauthenticated user could execute commands directly on the hosting web server. Arbitrary File Upload via baget exploit 2021