29 March, 2018

Cisco Smart Install Remote Code Execution

Introduction Application: Cisco IOS, Cisco IOS-XE Vendor: Cisco Bugs: Stack-based buffer overflow [CWE-20], [CWE-121] Risk: Critical; AV:N/AC:L/Au:N/C:C/I:C/A:C (10.0) A stack-based buffer overflow vulnerability was found in Smart Install Client code. This vulnerability enables an attacker to remotely execute arbitrary code without authentication. So it allows getting full control over a vulnerable network equipment. Smart Install
7 March, 2018

DJI Spark hijacking

It is no pleasant experience at all for anyone to get the valuable property bought with the money you have earned with your blood, sweat, and tears stolen by some unknown cybercriminal. The Internet of Things (IoT) is developing with the rapid pace, and the devices that can be controlled remotely have become an indispensable
10 November, 2017

How To Cook Cisco

Introduction This white paper is intended to reveal intricacies of Cisco vulnerabilities exploitation. All the information presented in this research is based on our experience and updates other researchers’ experience and knowledge. The very process of exploiting Cisco vulnerabilities depends heavily on a specific vulnerability and a gadget. We encourage you to think of the