All Articles

Page 2 of 6
Tech Editorials #CVE #Vulnerability #RCE #Advisory #Apache

Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!

Orange Tsai

2024-08-09

This article explores architectural issues within the Apache HTTP Server, highlighting several technical debts within Httpd, including 3 types of Confusion Attacks, 9 new vulnerabilities, 20 exploitation techniques, and over 30 case studies. The content includes, but is not limited to: 1. How a single ? can bypass Httpd's built-in access control and authentication. 2. How unsafe RewriteRules can escape the Web Root and access the entire filesystem. 3. How to leverage a piece of code from 1996 to transform an XSS into RCE.

Tech Editorials #CVE #Pwn2Own #IoT

Your printer is not your printer ! - Hacking Printers at Pwn2Own Part I

Angelboy

2023-10-05

In 2021, we found Pre-auth RCE vulnerabilities(CVE-2022-24673 and CVE-2022-3942) in Canon and HP printers, and vulnerability(CVE-2021-44734) in Lexmark. We used these vulnerabilities to exploit Canon ImageCLASS MF644Cdw, HP Color LaserJet Pro MFP M283fdw and Lexmark MC3224i in Pwn2Own Austin 2021. Following we will describe the details of the Canon and HP vulnerabilities and exploitation.