Targets of interest:
- Operating systems: Windows / Linux (RCE and PE)
- Mobile: iOS (PE from within the Sandbox) / Android
- Web Browsers: Chrome (RCE or SBX) / Safari / FireFox (RCE)
- Readers: Microsoft Office
- Web Hosting Control Panel: cPanel / Plesk / DirectAdmin / Webmin / VestaCP / Aegir
- Mailserver: Exchange Server / Dovecot / Zimbra / Roundcube / MDaemon / Horde / Exim / Postfix / IceWarp
- CMS: WordPress / Joomla / Drupal / Confluence
- Embedded: Mobile Baseband / NAS (QNAP) / Routers ( Tenda / Asus – RT / Dlink / DVR (Samsung / Juan) / IoT (TVT / Netgear)
- Network Management Systems: Zabbix / Nagios / PRTG / Cacti / ManageEngine OpManager
- Mobile Applications: Facebook / Whatsapp / Facebook Messenger / iMessage / FaceTime / Instagram / Youtube / GoogleMaps / Truecaller / Skype / Telegram
- Git server: GitHub / GitLab enterprise / Bitbucket
- Others: Atlassian JIRA / PHP / .NET / Firewalls / Protocols / Apache / Engine X / IIS / EMS (AhnLab Policy Center)
Got a vulnerability out of this scope? Send us an email, we can still help: contact@ssd-disclosure.com