Security Advisory: Remote Command Execution in binwalk
January 31, 2023
We have identified a path traversal vulnerability in binwalk that could be abused to gain remote command execution.
Menu
We have identified a path traversal vulnerability in binwalk that could be abused to gain remote command execution.
We’ve automatically identified vulnerabilities affecting multiple WAGO industrial controllers using ONEKEY’s platform and reported it to the vendor.
We have been working hard over the last few months since we first introduced unblob to the world at Blackhat Arsenal and DEFCON Demo Labs. As the project continues to grow, we wanted to share a few things with you.
This one is special because it affects a NAS device from Asus, which according to them “has been EOL for years“, with the latest firmware version dating back 10 years. Since there’s no fix in sight, we don’t have to wait for the 90 days and can publish the interesting details.
The short answer is: not about this patch. The effects of CVE-2022-3786 and CVE-2022-3602 on ICS, IoT, and IoMT devices are negligible. But the long answer is more complex than this.
As we work to improve our component discovery capabilities to create more comprehensive software BOMs, we sometimes encounter “strange” third-party components. So also in the NETGEAR routers Funjsq!
Not all bugs are created equal. This advisory describes a vulnerability we identified when hunting for bugs to craft exploit chains for PWN2OWN 2021. Sadly, the vulnerable path is only reachable once a day so it did not match the PWN2OWN rules 🙁
To evaluate and strengthen the automated vulnerability detection capabilities of ONEKEY, we frequently download and analyze firmware images from a variety of vendors. This is how we stumbled upon the CECC-X-M1 product line, an industrial controller manufactured by FESTO.
The IoT Inspector Research Lab uncovered vulnerabilities in Cisco RV340 leading to remote command execution as root over the LAN interface.
The IoT Inspector Research Lab uncovered a command injection vulnerability on Western Digital My Cloud Pro Series PR4100.
Find out how the IoT Inspector Research Lab extracted an encryption key for a subset of D-Link routers – in particular the D-Link DIR-X1560.
We found lacking user privilege separation enforcement and post-authentication command injection remote code execution within Cisco ATA19X firmware.
