Seamlessly Discovering Netgear Universal Plug-and-Pwn (UPnP) 0-days

Introduction: A Vulnerability Researcher’s Favorite Stress Relief. Continuing in our series of research findings involving Netgear products, this blog post describes a pre-authentication vulnerability in Netgear SOHO Devices that can lead to Remote Code Execution (RCE) as root. While our previous research investigated the Netgear web server and update daemons, the issues described in this blog revolve […]

Mama Always Told Me Not to Trust Strangers without Certificates

Introduction: This blog post details a vulnerability, the exploitation of which results in Remote Code Execution (RCE) as root, that impacts many modern Netgear Small Offices/Home Offices (SOHO) devices. The vulnerability isn’t your typical router vulnerability, in that the source of the vulnerability is located within a third-party component included in the firmware of many

Old dog, same tricks

Introduction: When enterprise software gets old, should we consider it tried-and-true, or decrepit and a threat, like the superglue holding the soles of my running shoes together? Old software that’s been humming around in the background hasn’t necessarily broken, but that doesn’t mean that you can necessarily trust it; in fact there should be a

Time for an upgrade

Introduction: Cleaning your domain clock. Sometimes we grow to like the old software we’ve become familiar with over the years, but because as users we only see the facade of an interface and functionality, we don’t know what risks may exist in something as simple as a clock. The bar is high for enterprise software:


GRIMM is pleased to announce the launch of their new Private Vulnerability Disclosure (PVD) program. This offering allows defenders to get ahead of the attack curve, instead of reacting to unknown threats, by providing previously unknown vulnerabilities. Subscribers will have access to a stream of high-impact vulnerabilities from GRIMM’s internal research team. Release timing will