Rating:

node.js deserialization vulnerability leads to RCE.

Original writeup (https://zeyu2001.gitbook.io/ctfs/2021/zh3ro-ctf-v2/sparta).