I believe that doing a security research is all about trying to understand high-level of architecture of the products and finding a creative attack vectors.
I hope this blog post will show some the readers how to start doing security research.
Read More
In this article, I will be sharing several critical vulnerabilities of Seagate Central Storage NAS product.
Read More
In this article, I would like to share a remote code execution vulnerability details of MailCleaner Community Edition product.
Read More
It has been a quite while since I haven’t released a new part of unexpected journey article serie. Particularly this small 0-day research project has been certainly didactic to me. Thus, I’ve decided to write down the process of achieving remote code execution on MicroFocus Secure Messaging Gateway product. Read More
It is an interesting coincidence that almost 1 year ago we identified a critical security issue in a different product (Eventlog Analyzer) of this company. Now, this time we’ve came across with another product of this company during penetration test. To be honest I’ve seen more than 20 different high/critical vulnerability during the analysis of the product but I will only share two of them now, as a full disclosure. Read More