... Loading ...

SSD Secure Disclosure

Disclosing vulnerabilities responsibly since 2007

Scope

Targets of interest:
  • Operating systems: Windows / Linux
  • Mobile: iOS (PE from within the Sandbox) / Android
  • Web Browsers: ToR / Chrome (RCE or SBX) / Safari / Edge / FireFox (RCE)

  • Readers: Microsoft Office
  • Web Hosting Control Panel: cPanel / Plesk / DirectAdmin / Webmin / VestaCP / ISPManager / ISPConfig / Aegir / CentOS Web Panel
  • Mailserver: Microsoft Exchange Server / Zimbra / Roundcube / MDaemon / Horde / Exim / Postfix / Dovecot
  • CMS: WordPress / Joomla / Drupal
  • Embedded: Mobile Baseband / NAS / Routers / DVR
  • Network Management Systems: Zabbix / Nagios / PRTG
  • IP based Cameras: Pre-authentication RCE in IP based cameras that have 10,000 or more vulnerable devices visible via Shodan (or similar service)
  • Others: PHP / .NET / Firewalls / Protocols

Got a vulnerability out of this scope? Send us an email, we can still help: contact@ssd-disclosure.com

Print Friendly, PDF & Email