Research Blog
Stay up to date with the newest security advisories, vulnerability reports, and platform developments—keeping your products secure and compliant.
Featured research articles
All research articles
Unblob 2024 Highlights: Sandboxing, Reporting, and Community Milestones
Explore the latest developments in Unblob, including enhanced sandboxing with Landlock, improved carving reporting, and χ² randomness analysis. Celebrate community contributions, academic research collaborations, and new format handlers, while looking forward to exciting updates in 2025.
%201.avif)
Critical Vulnerabilities in EV Charging Stations: Analysis of eCharge Controllers
Discover how severe security flaws, including unauthenticated remote command execution (CVE-2024-11665 & CVE-2024-11666), affect eCharge EV charging controllers. Learn about insecure firmware practices, cloud infrastructure issues, and actionable steps to mitigate risks in EV charging systems.
Security Advisory: Unauthenticated Command Injection in Mitel IP Phones
Discover critical vulnerabilities in Mitel SIP phones that allow unauthenticated command injection. Learn how outdated input parsing can expose your devices and why it's essential to scan firmware for security risks. Protect your network with our in-depth analysis and expert takeaways.
The X in XFTP Stands For eXecute
Find out how our platform enhances firmware security by identifying vulnerabilities & bugs in ICT products, ensuring compliance with DORA & NIS2 directive.
Security Advisory: Arbitrary Command Execution on TP-Link Archer C5400X
Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in the TP-Link Archer C5400X router. Learn about the risks and recommended actions.
Security Advisory: Remote Code Execution in Ligowave Devices
Explore the security advisory detailing remote code execution vulnerabilities in Ligowave devices. Learn about the risks & recommended protections.
Security Advisory: Remote Code Execution in Delta Electronics DVW Devices
Discover critical vulnerabilities in Delta Electronics' DVW routers, including command injections and buffer overflows, enabling remote code execution.
check out white papers
Explore in-depth whitepapers on cybersecurity and compliance, designed to strengthen your product’s security and compliance.
Ready to automate your Product Cybersecurity & Compliance?
Make cybersecurity and compliance efficient and effective with ONEKEY.