DNS rebinding vulnerability in GUPnP
GUPnP, a GNOME library for Universal Plug and Play (UPnP), was vulnerable to DNS rebinding attacks. This is CVE-2021-33516 and GUPnP issue #24. This was fixed in GUPnP 1.0.7 and GUPnP 1.2.5.
Read moreā¦DNS rebinding vulnerability in pupnp and npupnp
I found that pupnp was vulnerable to DNS rebinding attacks. npupnp, a fork a pupnp, was impacted as well. This is demonstrated using Gerbera a UPnP MediaServer.
Read moreā¦DNS rebinding explained
A quick summary about how DNS rebinding attacks work. The main motivation for this post is to have a diagram to show when explaining DNS-rebinding attacks.
Read moreā¦Firefox DoH DNS rebinding protection bypass using IPv4-mapped addresses
computer security vulnerability web dns-rebinding firefox advisory
I found that the filtering of private IPv4 addresses in the DNS-over-HTTPS (DoH) implementation of Firefox could by bypassed. This is CVE-2020-26961 and Mozilla bug 1672528. It has been fixed in Firefox 83, Firefox ESR 78.5 and Thunderbird 78.5.
Read moreā¦Introduction to UPnP
This post gives simple explanations of how UPnP (Universal Plug-and-Play) works, especially with the goal of testing the security devices such as routers, smart TVs, etc.
Read moreā¦DNS rebinding and CSRF vulnerabilites on Samsung TV DIAL implementation
computer security vulnerability dial dns-rebinding csrf advisory
I found a DNS rebinding vulnerability as well as a Cross Site Request Forgery (CSRF) vulnerability on the DIAL (Discovery And Launch) implementation of the Samsung TV UE40F6320 (v1.0), from 2011. This can be used to open any installed application (eg. Netflix and Youtube) and force the vizualisation of a given video in the applications.
Read moreā¦DNS rebinding vulnerability in Samsung SmartTV UPnP
I found a DNS rebinding vulnerability on the Universal Plug-and-Play (UPnP) interface of the Samsung TV UE40F6320 (v1.0), from 2011. This could be used, for example, to change the channel, to know which channel is currently used or open the builtin browser to any URI.
Read moreā¦Disable Certificate Verification on Android with Frida
computer system security android frida tls reverse-engineering
Some notes about how to write a Frida script with the (somewhat classic) example of disabling certificate verification for TLS communications on Android applications.
Read moreā¦DNS Rebinding vulnerabilities in Freebox
computer security vulnerability web upnp dns-rebinding csrf advisory
CVE-2020-24373 CVE-2020-24374 CVE-2020-24375 CVE-2020-24376 CVE-2020-24377
I found some DNS rebinding vulnerabilities in Freebox devices (CVE-2020-24374, CVE-2020-24375, CVE-2020-24376, CVE-2020-24377) as well as a Cross Site Request Forgery (CSRF) vulnerability (CVE-2020-24373) These vulnerabilities were fixed in 2020-08-05.
Read moreā¦Remote Code Execution via Cross Site Request Forgery in InternetCube and YunoHost
How I found remote code execution vulnerabilities via Cross Site Request Forgery (CSRF) on the administration interfaces of InternetCube applications and of the YunoHost administration interface which could have been used to execute arbitrary code as root. These vulnerabilities were fixed in YunoHost 3.3, OpenVPN Client app 1.3.0. and YunoHost 3.4.
Read moreā¦Page 1 of 2 | Previous page | Next page | JSON Feed | Atom Feed