Found 3 bookmarks
Newest
Pwn2Own Toronto 2022 : A 9-year-old bug in MikroTik RouterOS
Pwn2Own Toronto 2022 : A 9-year-old bug in MikroTik RouterOS
DEVCORE research team found a 9-year-old WAN bug on RouterOS, the product of MikroTik. Combined with another bug of the Canon printer, DEVCORE becomes the first team ever to successfully complete an attack chain in the brand new SOHO Smashup category of Pwn2Own. And DEVCORE also won the title of Master of Pwn in Pwn2Own Toronto 2022.
#devco.re#EN#2024#CVE-2023-32154#Pwn2Own#MikroTik-RouterOS
·devco.re·
Pwn2Own Toronto 2022 : A 9-year-old bug in MikroTik RouterOS
A New Attack Surface on MS Exchange Part 4 - ProxyRelay!
A New Attack Surface on MS Exchange Part 4 - ProxyRelay!
Hi, this is a long-time-pending article. We could have published this article earlier (the original bug was reported to MSRC in June 2021 with a 90-days Public Disclosure Policy). However, during communications with MSRC, they explained that since this is an architectural design issue, lots of code changes and testings are expected and required, so they hope to resolve this problem with a one-time CU (Cumulative Update) instead of the regular Patch Tuesday. We understand their situation and agree to extend the deadline.
#devco.re#EN#2022#CVE-2021-26414#CVE-2022-21979#Exchange#Microsoft-Exchange#ProxyRelay
·devco.re·
A New Attack Surface on MS Exchange Part 4 - ProxyRelay!
A New Attack Surface on MS Exchange Part 4 - ProxyRelay!
A New Attack Surface on MS Exchange Part 4 - ProxyRelay!
Hi, this is a long-time-pending article. We could have published this article earlier (the original bug was reported to MSRC in June 2021 with a 90-days Public Disclosure Policy). However, during communications with MSRC, they explained that since this is an architectural design issue, lots of code changes and testings are expected and required, so they hope to resolve this problem with a one-time CU (Cumulative Update) instead of the regular Patch Tuesday. We understand their situation and agree to extend the deadline.
#devco.re#EN#2022#CVE-2021-26414#CVE-2022-21979#Exchange#Microsoft-Exchange#ProxyRelay
·devco.re·
A New Attack Surface on MS Exchange Part 4 - ProxyRelay!