SSD Advisory – NETGEAR DGND3700v2 PreAuth Root Access
Find out how a vulnerability in multiple Uniview devices allow remote unauthenticated attackers to trigger a remote code execution vulnerability in the products the company offers.
SSD Advisory – Uniview PreAuth RCE
Find out how a vulnerability in multiple Uniview devices allow remote unauthenticated attackers to trigger a remote code execution vulnerability in the products the company offers.
SSD Advisory – Rocket.Chat Client-side Remote Code Execution
Find out how the Chrome Ad-Heavy detection mechanism can be bypassed, bypassing the mechanism would allow ads that are breaching the restrictions imposed by Chrome to still run.
SSD Advisory – TOTOLink Auth Bypass and Device Backdoor
Find out how the Chrome Ad-Heavy detection mechanism can be bypassed, bypassing the mechanism would allow ads that are breaching the restrictions imposed by Chrome to still run.
SSD Advisory – Chrome Ad Heavy Bypass (via history.back())
Find out how the Chrome Ad-Heavy detection mechanism can be bypassed, bypassing the mechanism would allow ads that are breaching the restrictions imposed by Chrome to still run.
SSD Advisory – Chrome Ad Heavy Bypass (via SharedWorker)
Find out how the Chrome Ad-Heavy detection mechanism can be bypassed, bypassing the mechanism would allow ads that are breaching the restrictions imposed by Chrome to still run.
SSD Advisory – macOS Finder RCE
Find out how a vulnerability in macOS Finder system allows remote attackers to trick users into running arbitrary commands.
SSD Advisory – NETGEAR D7000 Authentication Bypass
Find out how a vulnerability in NETGEAR D7000 device allows remote unauthenticated users to reveal the ‘admin’ password used to login to the admin web interface of the product. NOTE: The vendor states that multiple other devices are also vulnerable.
SSD Advisory – Samsung S10+/S9 kernel 4.14 (Android 10) Kernel Function Address (.text) and Heap Address Information Leak
Find out how a vulnerability discovered in Samsung S10+/S9 kernel allows leaking of sensitive function address information.
SSD Advisory – IP-Board Stored XSS to RCE Chain
Find out how an XSS in IP-Board can be leveraged into an remote code execution.
SSD Advisory – aaPanel CSWH to RCE
Find out how a CSWH hijacking vulnerability in aaPanel allows remote attackers to cause an authenticated user to execute arbitrary commands inside aaPanel’s managed servers.
SSD Advisory – SmarterMail XSS
Find out how a cross site scripting vulnerability in SmarterMail allows remote attackers to obtain the JWT token used to authenticate the user.
