Research

Research Blog

Bleiben Sie mit den neuesten Sicherheitshinweisen, Schwachstellenberichten und Plattformentwicklungen auf dem Laufenden — damit Ihre Produkte sicher und konform sind.

Ausgewählte Research-Artikel

Shell CGI Static Code Analysis - Automatic Discovery of RCEs

Research

May 23, 2025

min. Lesezeit

Shell CGI Static Code Analysis - Automatic Discovery of RCEs

Uncover ONEKEY's new shell CGI Static Code Analysis feature, designed to identify critical Remote Code Execution vulnerabilities. Click now to find out more.

Quentin Kaiser

Lead Security Researcher

Security Advisory: Remote Code Execution on Viasat Modems (CVE-2024-6199)

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Viasat modems. Learn about the risks and recommended actions.

Quentin Kaiser

Lead Security Researcher

Security Advisory: Remote Code Execution on Viasat Modems (CVE-2024-6198)

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Viasat modems. Learn about the risks and recommended actions.

Quentin Kaiser

Lead Security Researcher

Critical Vulnerabilities in EV Charging Stations: Analysis of eCharge Controllers

Discover how severe security flaws, including unauthenticated remote command execution (CVE-2024-11665 & CVE-2024-11666), affect eCharge EV charging controllers. Learn about insecure firmware practices, cloud infrastructure issues, and actionable steps to mitigate risks in EV charging systems.

Quentin Kaiser

Lead Security Researcher

Security Advisory: Arbitrary Command Execution on TP-Link Archer C5400X

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in the TP-Link Archer C5400X router. Learn about the risks and recommended actions.

Bisherige

Weiter

Alle Research-Artikel

Security Advisory: Clock Fault Injection on Mocor OS - Password Bypass

Research

Aug 8, 2023

min. Lesezeit

Security Advisory: Clock Fault Injection on Mocor OS - Password Bypass

Discover the critical vulnerabilty in the Mocor OS on UNISOC SC6531E devices that allows unauthorised users to bypass locks via clock fault injection.

Security Advisory: Unauthenticated Remote Command Execution in Multiple WAGO Products

Research

May 15, 2023

min. Lesezeit

Security Advisory: Unauthenticated Remote Command Execution in Multiple WAGO Products

Security Advisory: Critical unauthenticated command injection vulnerability in the "Legal Information" plugin of the WAGO Series PFC100 web interface.

Research

May 8, 2023

min. Lesezeit

Latest Developments in Unblob (2)

Revolutionize firmware extraction with UNBLOB! Discover the latest developments & advancements in this cutting-edge project. Don't miss latest blog post!

Leveraging ChatGPT to build a Hardware Fault Injection Tool.

Research

Apr 26, 2023

min. Lesezeit

Leveraging ChatGPT to build a Hardware Fault Injection Tool.

This security insight explores the process of building an AI-assisted Teensy-based fault injection framework for testing system security. Learn more here!

Security Advisory: Multiple Vulnerabilities in Phoenix Contact Routers

Research

Mar 27, 2023

min. Lesezeit

Security Advisory: Multiple Vulnerabilities in Phoenix Contact Routers

Authenticated users can execute arbitrary commands with elevated privileges or access any file on the system. Read the latest security advisory here!

Security Advisory: Multiple Vulnerabilities in NetModule Routers

Research

Feb 23, 2023

min. Lesezeit

Security Advisory: Multiple Vulnerabilities in NetModule Routers

Multiple vulnerabilities identified in NetModule industrial routers. Are your industrial routers safe? Read the latest security advisory now!

Research

Feb 20, 2023

min. Lesezeit

ClamAV Critical Patch Review

In this technical deep dive, ONEKEY explores the underlying issues fixed by the recent critical patch released by ClamAV.

Security Advisory: Remote Command Execution in binwalk

Research

Jan 30, 2023

min. Lesezeit

Security Advisory: Remote Command Execution in binwalk

Learn about the security vulnerability in binwalk v2.1.2b-2.3.3 that allows malicious PFS file extraction and remote code execution. 👉

Research

Dec 14, 2022

min. Lesezeit

Latest Developments in Unblob

After initial launch of unblob at Blackhat and DEFCON, the project continues to grow and we want to share a few things with you. Read more!

Schauen Sie sich Whitepapers an

Lesen Sie ausführliche Whitepapers zu Cybersicherheit und Compliance, die darauf ausgelegt sind, die Sicherheit und Compliance Ihres Produkts zu verbessern.

Treffen Sie uns auf Veranstaltungen

Nehmen Sie an branchenführenden Veranstaltungen teil und tauschen Sie sich persönlich mit unseren Experten aus, um zu erfahren, wie Sie Ihre Cybersicherheits- und Compliance-Strategien verbessern können.

Einblicke aus unserem Blog

Holen Sie sich Expertentipps und Branchen-Updates. In unserem Blog finden Sie praktische Ratschläge, Trends und Lösungen, die Ihnen helfen, sicher und konform zu bleiben.

Bereit zur automatisierung ihrer Cybersicherheit & Compliance?

Machen Sie Cybersicherheit und Compliance mit ONEKEY effizient und effektiv.

Eine Demo buchen