/explore

Click through on any links that interest you or select the planets on the right to continue exploring the Outer Web.
You are here

srcincite.io
| | foxglovesecurity.com
3.0 parsecs away

Travel
| | By @breenmachine What? The most underrated, underhyped vulnerability of 2015 has recently come to my attention, and I'm about to bring it to yours. No one gave it a fancy name, there were no press releases, nobody called Mandiant to come put out the fires. In fact, even though proof of concept code was released...
| | bdtechtalks.com
3.0 parsecs away

Travel
| | Security researchers find critical flaws in popular Axis cameras, allowing full remote control over thousands of surveillance systems in enterprises worldwide.
| | y4y.space
3.2 parsecs away

Travel
| | Intro The exploitation of this RCE consists of two parts, one being the lack of authentication validation to h5-vsan endpoint, and another being the unsafe reflection usage in Java which then caused a JNDI injection. I was not smart enough to come up with the JDNI attack chain, but certainly learned a lot while attempting...
| | www.thezdi.com
5.7 parsecs away

Travel
| [AI summary] This blog post discusses two critical vulnerabilities in the Logsign Unified SecOps Platform, CVE-2024-5716 (authentication bypass) and CVE-2024-5717 (command injection), which can be combined for remote, unauthenticated code execution.