Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors

SSD Advisory – SmarterMail XSS

Find out how a cross site scripting vulnerability in SmarterMail allows remote attackers to obtain the JWT token used to authenticate the user.

SSD Advisory – NETGEAR Nighthawk R7000 httpd PreAuth RCE

TL;DR Find out how a vulnerability in NETGEAR R7000 allows an attacker to run arbitrary code without requiring authentication with the device. Vulnerability Summary A vulnerability allows network-adjacent attackers to execute arbitrary code on affected

SSD Advisory – OverlayFS PE

TL;DR Find out how a vulnerability in OverlayFS allows local users under Ubuntu to gain root privileges. Vulnerability Summary An Ubuntu specific issue in the overlayfs file system in the Linux kernel where it did

SSD Advisory – QNAP Pre-Auth CGI_Find_Parameter RCE

TL;DR Find out how a memory corruption vulnerability can lead to a pre-auth remote code execution on QNAP QTS’s Surveillance Station plugin. Vulnerability Summary QNAP NAS with “Surveillance Station Local Display function can perform monitoring

SSD Advisory – DD-WRT UPNP Buffer Overflow

TL;DR Find out how a vulnerability in DD-WRT allows an unauthenticated attacker to overflow an internal buffer used by UPNP and trigger a code execution vulnerability. Vulnerability Summary DD-WRT is “is Linux-based firmware for wireless

SSD Advisory – VestaCP LPE Vulnerabilities

TL;DR Find out how multiple vulnerabilities in VestaCP allow an authenticated attacker to elevate his access to root privileges. Vulnerability Summary VestaCP is “an open source hosting control panel, a clean and focused interface without

SSD Advisory – GNU GRUB Command Injection

TL;DR Find out how a vulnerability in GNU GRUB allows users on a Linux system to inject commands into the process of grub-mkconfig which allows them to execute arbitrary commands with elevated privileges. Vulnerability Summary

SSD Advisory – Yealink DM Pre Auth ‘root’ level RCE

TL;DR Find out how multiple vulnerabilities in Yealink DM (Device Management) allow an unauthenticated attacker to run arbitrary commands on the server with root privileges. Vulnerability Summary Yealink DM (Device Management) platform – “offers a


Get in touch