Vương Quốc Huy

2 posts published

The first step to PWN2OWN - A sad one

INTRODUCTION When I was taking a look at the UPnP binary of NETGEAR RAX30 for PWN2OWN Toronto 2022, I found a command injection vulnerability on the LAN side. This is the first vulnerability that I have ever found, but it is a die young one. The patch came right before

Researches

NETGEAR R6700v3: 1day Analysis (CVE-2021-34982) Buffer Overflow RCE Vulnerability

About the vulnerability This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. When parsing the strings file, the process