Advisories archive

TL;DR Find out how we exploited an unauthenticated Netgear Nighthawk R8300 vulnerability and gained root access to the device. Vulnerability
TL;DR Find out how we exploited an unauthenticated TerraMaster OS vulnerability and gained root access to the device. Vulnerability Summary
TL;DR Find out how we exploited Roundcube webmail application and crafted an email containing malicious HTML that execute arbitrary JavaScript
TL;DR Find out how we exploited Mimosa Router's web interface vulnerability and gained root access. Vulnerability Summary Mimosa Networks is
TL;DR Find out how we managed to inject an auth session into the device and through it gain a reverse
Vulnerable Key The following is the hardcoded key used by MyLittleAdmin, by inserting its values to ysoserial.exe it is possible
A vulnerability in ManageEngine OpManager allows a remote attacker to leak the API key of the product (administrative level API
Netsweeper provides real-time content monitoring and reporting for early intervention. One of our researchers had recently managed to perform remote
Vulnerability SummaryThe update functionality of the Cisco AnyConnect Secure Mobility Client for Windows is affected by a path traversal vulnerability
Vulnerability SummaryThe Ruckus IoT Suite is a collection of network hardware and software infrastructure used to enable multi-standard Internet of