ONEKEY Security Advisory XFTP

The X in XFTP Stands For eXecute

In our latest security advisory, we delve into the intricate process of firmware analysis and quality assurance using the ONEKEY platform. Discover how our team identifies vulnerabilities and unusual bugs, including the investigation of the xftp binary in Dahua firmware. Learn about the challenges of analyzing firmware without access to the build toolchain and the implications for digital resilience and supply chain security.


Security Advisory: Arbitrary Command Execution on TP-Link Archer C5400X

Discover the details behind ONEKEY Research Lab’s latest cybersecurity breakthrough in our comprehensive security advisory. Our experts have identified a critical vulnerability in the TP-Link Archer C5400X Tri-Band Gaming Router, specifically targeting the rftest binary. This overview delves into how this flaw allows for remote command execution and what steps can be taken to secure your devices. Stay informed and protected—read our full analysis to understand the implications and necessary actions to mitigate this significant security risk.


Security Advisory: Remote Code Execution in Ligowave Devices

A newly identified vulnerability in multiple Ligowave devices allows remote authenticated users to execute arbitrary commands through the web-based management interface. This security issue stems from improper input sanitization in the uam_add_internal and link_test functions, which fail to properly sanitize input parameters, leading to command injection possibilities. ONEKEY advises that affected devices, which are no longer supported by Ligowave, should have their administration interfaces restricted to management networks to mitigate potential exploitation risks.


Security Advisory: Remote Code Execution in Delta Electronics DVW Devices

This security advisory highlights critical vulnerabilities in Delta Electronics’ DVW industrial Ethernet routers, revealed using ONEKEY’s binary zero-day identification feature. The vulnerabilities, affecting all firmware versions, include command injections and buffer overflows that could lead to remote code execution. Despite the end-of-life (EOL) status of these devices, which means no patches will be issued, it is advised to limit access to the administrative interface to prevent exploitation.


Spotting Silent Patches in OSS with Binary Static Analysis

Discover how our latest binary static analysis tool is unearthing silently patched vulnerabilities in open-source software, revealing risks that could leave your systems exposed. This blog post delves into examples from widely used libraries, underscoring the need for a more thorough approach to vulnerability management beyond traditional CVE databases.


Security Advisory: Remote Command Execution in Cisco Access Point WAP Products

This security advisory discloses critical vulnerabilities in Cisco’s Small Business Wireless APs and describes remote command execution vulnerabilities in all firmware versions that could be uncovered through the use of ONEKEY’s recently released binary zero-day identification feature. Although there are no patches due to the end-of-life status of the devices, it is recommended to restrict access to the administration interface.


Binary Static Analysis – The Final Frontier

Discover how the new feature for identifying zero-days in binaries sheds light on previously unexplored security risks in executable binaries. Learn more about our approach to decompilation, static code analysis and noise reduction to create a more secure digital environment. Learn more about the intricacies of our journey to improved cybersecurity.


Latest Developments in Unblob (3)

Discover the latest UNBLOB developments, new features, and key changes in our blog post. Stay updated with our presentations at Black Hat Asia and Black Hat EU, the growing popularity of our GitHub repository, and major UNBLOB updates, including the FileSystem API, improved logging, and pattern auto-identification.


Making TOCTOU Great again – X(R)IP

Explore the nuances of TOCTOU vulnerabilities in embedded systems with XiP (eXecute in Place). Learn how these vulnerabilities can be exploited at the hardware level to bypass secure boot processes.


Latest Developments in Unblob (2)

In the ever-evolving world of firmware extraction, unblob continues to make waves. With five months of intense activity, our project has grown exponentially, and we have some exciting updates to share!
