The IoT Inspector Research Lab uncovered vulnerabilities in Cisco RV340 leading to remote command execution as root over the LAN interface.
The IoT Inspector Research Lab uncovered a command injection vulnerability on Western Digital My Cloud Pro Series PR4100.
Find out how the IoT Inspector Research Lab extracted an encryption key for a subset of D-Link routers – in particular the D-Link DIR-X1560.
We found lacking user privilege separation enforcement and post-authentication command injection remote code execution within Cisco ATA19X firmware.
IoT Inspector identified security vulnerabilities affecting the UPnP implementation of Broadcom’s SDK that affect vendors such as Cisco or Linksys.
At least 65 vendors are affected by severe vulnerabilities that enable unauthenticated attackers to fully compromise the target device.
The IoT Inspector Research Lab detected a rare security vulnerability in Cisco’s RV34X Series. Read the full root analysis on the blog!
Overview Over the course of a research project focusing on IoT gadgets in late 2020, we briefly looked at the Gigaset L800HX – a smart
TLDR In early 2021, we reported a few security issues to Cisco related to their RV34X series of routers, two of which have been recently
Overview The Fibaro Home Center 2Â and Home Center Lite (running versions 4.600, 4.550 and earlier versions) are affected by multiple vulnerabilities: man-in-the-middle attack between the
TLDR Firmware patch diffing is a relatively under-documented process, but one that can be really important when doing IoT security research. In this post, I’m
Overview The D-Link DIR-3060 (running firmware versions below v1.11b04) is affected by a post-authentication command injection vulnerability. Anybody with authenticated access to a DIR-3060 would be able to run arbitrary system commands
