Learn how to exploit Server-Side Template Injection (SSTI) in a Spring Boot application using the Thymeleaf templating engine. Special focus is placed on bypassing defenses in newer versions.| modzero / Blog
Just read documentation to get RCE?! Our colleague Theresa designed a tutorial guiding you through an OpenVPN exploit scenario — for you to try at home!
We exploited an unauthenticated command injection within the spam filter appliance MailCleaner that can be triggered through a malicious email address.
We uncovered several vulnerabilities allowing an attacker in the network to take over a Poly VoIP device and turn it into a bug hidden in plain sight.
Today we celebrate our 12th anniversary.
We examined the password management solution Passwordstate by Click Studios and identified multiple high-severity vulnerabilities.
We publish a new advisory for a vulnerability in CrowdStrike Falcon Sensor and share our thoughts about the ridiculous disclosure process.
As part of an analysis of video conference solutions for a customer, we examined the Meeting Owl.
Today, we publish a new advisory for several vulnerabilities that were found by our team-mate Nils Ole Timm (@firzen14).
(*) I'm really sorry for the pun line. One day in December, I decided to actually build something. Something more or less useful. So, I paused breaking stuff (I really did) to create something that could help enhance the security level of WiFi networks. I failed.
Today many games are developed using .Net or a modified .Net Runtime like the Unity engine. This of course means that deserialization vulnerabilities in .Net can also occur in these games.
In red teaming engagements, simply finding an XSS or a basic misconfiguration often isn't enough; achieving RCE is the real deal. During one such assessment, we came across XiongMai's uc-httpd, a lightweight web server used in countless IP cameras worldwide. According to Shodan, roughly 70k instances of this software are publicly exposed on the internet. Despite its history of severe vulnerabilities, no readily available exploit seemed to provide code execution, so I set out to build one.