ProxyLogon! The most severe and impactful vulnerability in the Exchange Server history ever.
This post is about my research this March, which talks about how I found vulnerabilities on a leading Mobile Device Management product and bypassed several limitations to achieve unauthenticated RCE. All the vulnerabilities have been reported to the vendor and got fixed in June. After that, we kept monitoring large corporations to track the overall fixing progress and then found that Facebook didn't keep up with the patch for more than 2 weeks, so we dropped a shell on Facebook and reported to their Bug Bounty program!
7 vulnerabilities in Pulse Secure SSL VPN: CVE-2019-11510, CVE-2019-11542, CVE-2019-11539, CVE-2019-11538, CVE-2019-11508, CVE-2019-11540, CVE-2019-11507
Last month, we talked about Palo Alto Networks GlobalProtect RCE as an appetizer. Today, here comes the main dish!
We would like to talk about the vulnerability which we accidentally discovered during our Red Team assessment services on Palo Alto SSL VPN.
Is it possible to install IDA Pro without kowning installation password? Linux or MacOS version can find the password directly; Windows version only need 10 minutes to calculate the password. The following is the detailed process.
