Ressourcen
>
Research

Research Blog

Bleiben Sie mit den neuesten Sicherheitshinweisen, Schwachstellenberichten und Plattformentwicklungen auf dem Laufenden — damit Ihre Produkte sicher und konform sind.

Ausgewählte Forschungsartikel

Security Advisory: Unauthenticated Command Injection in Mitel IP Phones
Research
Nov 17, 2024
15
min. Lesezeit

Security Advisory: Unauthenticated Command Injection in Mitel IP Phones

Discover critical vulnerabilities in Mitel SIP phones that allow unauthenticated command injection. Learn how outdated input parsing can expose your devices and why it's essential to scan firmware for security risks. Protect your network with our in-depth analysis and expert takeaways.

Denys Vozniuk
Denys Vozniuk
Security Consultant
Mehr lesen
The X in XFTP Stands For eXecute
Research
Jul 8, 2024
6
min. Lesezeit

The X in XFTP Stands For eXecute

Find out how our platform enhances firmware security by identifying vulnerabilities & bugs in ICT products, ensuring compliance with DORA & NIS2 directive.

Mehr lesen
Security Advisory: Arbitrary Command Execution on TP-Link Archer C5400X
Research
May 26, 2024
5
min. Lesezeit

Security Advisory: Arbitrary Command Execution on TP-Link Archer C5400X

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in the TP-Link Archer C5400X router. Learn about the risks and recommended actions.

Mehr lesen
Security Advisory: Remote Code Execution in Ligowave Devices
Research
May 13, 2024
3
min. Lesezeit

Security Advisory: Remote Code Execution in Ligowave Devices

Explore the security advisory detailing remote code execution vulnerabilities in Ligowave devices. Learn about the risks & recommended protections.

Mehr lesen
Bisherige
Weiter

Alle Forschungsartikel

Security Advisory: Unauthenticated Configuration Export in Multiple WAGO Products
Research
Jan 15, 2023
5
min. Lesezeit

Security Advisory: Unauthenticated Configuration Export in Multiple WAGO Products

ONEKEY identified an unauthenticated configuration export in industrial controllers from WAGO . Read the latest Security Advisory here 👉

Mehr lesen
Latest Developments in Unblob
Research
Dec 14, 2022
4
min. Lesezeit

Latest Developments in Unblob

After initial launch of unblob at Blackhat and DEFCON, the project continues to grow and we want to share a few things with you. Read more!

Mehr lesen
Security Advisory: Asus M25 NAS Vulnerability
Research
Nov 30, 2022
4
min. Lesezeit

Security Advisory: Asus M25 NAS Vulnerability

ONEKEY identifies a command injection bug in the M25 NAS from Asus. Read the latest Security Advisory here 👉

Mehr lesen
OpenSSL released a patch for high severity vulnerabilities – do operators and vendors of connected devices need to worry?
Research
Nov 1, 2022
3
min. Lesezeit

OpenSSL released a patch for high severity vulnerabilities – do operators and vendors of connected devices need to worry?

OpenSSL released a patch for high severity vulnerabilities – do operators and vendors of connected devices need to worry? Read more!

Mehr lesen
Security Advisory: NETGEAR Routers FunJSQ Vulnerabilities
Research
Sep 14, 2022
9
min. Lesezeit

Security Advisory: NETGEAR Routers FunJSQ Vulnerabilities

Detailed vulnerability analysis identifies several problems in FunJSQ on NETGEAR Routers & Orbi WiFi Systems. Read latest Security Advisory here 👉

Mehr lesen
Advisory: Cisco Small Business RV Series Routers Web Filter Database Update Command Injection Vulnerability
Research
Aug 8, 2022
5
min. Lesezeit

Advisory: Cisco Small Business RV Series Routers Web Filter Database Update Command Injection Vulnerability

The advisory describes a vulnerability ONEKEY identified when hunting for bugs to craft exploit chains for PWN2OWN 2021. Read advisory!

Mehr lesen
Advisory: FESTO: CECC-X-M1 - Command Injection Vulnerabilities
Research
Jul 6, 2022
5
min. Lesezeit

Advisory: FESTO: CECC-X-M1 - Command Injection Vulnerabilities

To evaluate and strengthen the automated vulnerability detection capabilities of ONEKEY, we frequently download and analyze firmware images from a variety of vendors. This is how we stumbled upon the CECC-X-M1 product line, an industrial controller manufactured by FESTO.

Mehr lesen
Advisory: Western Digital My Cloud Pro Series PR4100 RCE
Research
Feb 14, 2022
7
min. Lesezeit

Advisory: Western Digital My Cloud Pro Series PR4100 RCE

The IoT Inspector Research Lab uncovered a command injection vulnerability on Western Digital My Cloud Pro Series PR4100.

Mehr lesen
How-To: Extracting Decryption Keys for D-Link
Research
Nov 24, 2021
8
min. Lesezeit

How-To: Extracting Decryption Keys for D-Link

Find out how the IoT Inspector Research Lab extracted an encryption key for a subset of D-Link routers - in particular the D-Link DIR-X1560.

Mehr lesen
Schauen Sie sich Whitepapers an

Schauen Sie sich Whitepapers an

Lesen Sie ausführliche Whitepapers zu Cybersicherheit und Compliance, die darauf ausgelegt sind, die Sicherheit und Compliance Ihres Produkts zu verbessern.

Treffen Sie uns auf Veranstaltungen

Treffen Sie uns auf Veranstaltungen

Nehmen Sie an branchenführenden Veranstaltungen teil und tauschen Sie sich persönlich mit unseren Experten aus, um zu erfahren, wie Sie Ihre Cybersicherheits- und Compliance-Strategien verbessern können.

Einblicke aus unserem Blog

Einblicke aus unserem Blog

Holen Sie sich Expertentipps und Branchen-Updates.
In unserem Blog finden Sie praktische Ratschläge, Trends und Lösungen, die Ihnen helfen, sicher und konform zu bleiben.

Bereit zur automatisierung ihrer Cybersicherheit & Compliance?

Machen Sie Cybersicherheit und Compliance mit ONEKEY effizient und effektiv.

Eine Demo buchen