InfoSec Blog

tags Archives

Writeup

CVE-2023-39238 - Asus Router Format String RCE

30/01/2024

Hunting for Unauthenticated n-days in Asus Routers

Notes on patch diffing, reverse engineering and exploiting CVE-2023-39238, CVE-2023-39239, and CVE-2023-39240.

12

Min

CVE-2023-33466 - Orthanc RCE

24/10/2023

CVE-2023-33466 - Exploiting Healthcare Servers with Polyglot Files

A recently disclosed CVE for the Orthanc DICOM server can be used to obtain Remote Code Execution. As a PoC was not available, we wrote one.

8

Min

XXE to RCE via XML file opening

24/10/2019

Don’t open that XML: XXE to RCE in XML plugins for VS Code, Eclipse, Theia, …

The LSP4XML library used by many IDE and editors was affected by an XXE which lead to RCE exploitable by just opening an XML file.

6

Min

OpenStack's noVNC XSS

19/10/2019

Exploiting an old noVNC XSS (CVE-2017-18635) in OpenStack

OpenStack was using an old version of noVNC affected by a DOM-based XSS that allowed attackers to steal VM tokens and take over VMs.

4

Min

Frida

04/02/2019

FridaLab – Writeup

Writeup for the FridaLab challenge with a basic introduction to the Frida toolkit on Android.

3

Min