Resources
>
Research

Research Blog

Stay up to date with the newest security advisories, vulnerability reports, and platform developments—keeping your products secure and compliant.

Featured research articles

The X in XFTP Stands For eXecute
Research
Jul 9, 2024
6
 min read

The X in XFTP Stands For eXecute

Find out how our platform enhances firmware security by identifying vulnerabilities & bugs in ICT products, ensuring compliance with DORA & NIS2 directive.

This is some text inside of a div block.
This is some text inside of a div block.
Read More
Security Advisory: Arbitrary Command Execution on TP-Link Archer C5400X
Research
May 27, 2024
5
 min read

Security Advisory: Arbitrary Command Execution on TP-Link Archer C5400X

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in the TP-Link Archer C5400X router. Learn about the risks and recommended actions.

This is some text inside of a div block.
This is some text inside of a div block.
Read More
Previous
Next

All research articles

Advisory: Cisco RV34X Series - Authentication Bypass and Remote Command Execution
Research
Apr 12, 2021
5
 min read

Advisory: Cisco RV34X Series - Authentication Bypass and Remote Command Execution

IoT Inspector identified security issues in Cisco's RV34X series of devices. Read the full root analysis on our blog!

Read More
Advisory: Fibaro Home Center - Multiple Vulnerabilities (CVE-2021-20989, CVE-2021-20990, CVE-2021-20991, CVE-2021-20992)
Research
Apr 7, 2021
7
 min read

Advisory: Fibaro Home Center - Multiple Vulnerabilities (CVE-2021-20989, CVE-2021-20990, CVE-2021-20991, CVE-2021-20992)

IoT Inspector discovered multiple vulnerabilities in the Fibaro Home Center 2 and Home Center Lite. Users are advised to upgrade.

Read More
Patch Diffing Entire Firmware Images, Squeezing Out Bugs
Research
Mar 21, 2021
11
 min read

Patch Diffing Entire Firmware Images, Squeezing Out Bugs

Firmware patch diffing is a relatively under-documented, but important process in IoT security research. Let's look at a real-world example!

Read More
Advisory: D-Link DIR-3060 Authenticated RCE (CVE-2021-28144)
Research
Mar 10, 2021
6
 min read

Advisory: D-Link DIR-3060 Authenticated RCE (CVE-2021-28144)

The D-Link DIR-3060 is affected by a post-authentication command injection vulnerability, which was discovered and disclosed by IoT Inspector.

Read More
Huawei cryptographic keys embedded in Cisco's firmware
Research
Jul 2, 2019
3
 min read

Huawei cryptographic keys embedded in Cisco's firmware

Read More
check out white papers

check out white papers

Explore in-depth whitepapers on cybersecurity and compliance, designed to strengthen your product’s security and compliance.

Insights from Our Blog

Insights from Our Blog

Get expert tips and industry updates.
Dive into our blog for practical advice, trends, and solutions that help you stay secure and compliant.

Ready to automate your Product Cybersecurity & Compliance?

Make cybersecurity and compliance efficient and effective with ONEKEY.

Book a Demo