Advisories archive

SSD Advisory – Mimosa Routers Privilege Escalation and Authentication bypass
TL;DR Find out how we exploited Mimosa Router's web interface vulnerability and gained root access. Vulnerability Summary Mimosa Networks is
SSD Advisory – SMC Networks Session and Command Injection
TL;DR Find out how we managed to inject an auth session into the device and through it gain a reverse
SSD Advisory – MyLittleAdmin PreAuth RCE
Vulnerable Key The following is the hardcoded key used by MyLittleAdmin, by inserting its values to ysoserial.exe it is possible
SSD Advisory – ManageEngine OpManager Unauthenticated Access API Key Access leads to RCE
SSD Advisory – Netsweeper PreAuth RCE
SSD Advisory – Cisco AnyConnect Privilege Elevation through Path Traversal
Vulnerability SummaryThe update functionality of the Cisco AnyConnect Secure Mobility Client for Windows is affected by a path traversal vulnerability
SSD Advisory – Ruckus IoT vRIoT Server Vulnerabilities
Vulnerability SummaryThe Ruckus IoT Suite is a collection of network hardware and software infrastructure used to enable multi-standard Internet of
SSD Advisory – Horde Groupware Webmail Edition Remote Code Execution
Vulnerability SummaryThe Horde project comprises of several standalone applications and libraries. The Horde Groupware Webmail Edition suite bundles several of
SSD Advisory – FreeBSD Use After Free due to Race Condition
Vulnerability SummaryIn FreeBSD there is a cryptographic device module called cryptodev which is accessible by any user on the system.
SSD Advisory – Synology DSM Remote Command Injection
IntroductionNetwork-attached storage devices allow multiple users and heterogeneous client devices to retrieve data from centralized disk capacity. These NAS stations