lirantal, 1 year ago Remember SOAP? This Netgear router had no less than 5 CVEs disclosed to its name due to stack-based buffer overflows in the SOAP that resulted in an exploit chain can be leveraged by an attacker to gain pre-authentication remote code execution on affected devices. CVE-2023-27357 CVE-2023-27367 CVE-2023-27368 CVE-2023-27369 CVE-2023-27370 Job well done by Team82, read more here https://claroty.com/team82/research/chaining-five-vulnerabilities-to-exploit-netgear-nighthawk-rax30-routers-at-pwn2own-toronto-2022
Remember SOAP?
This Netgear router had no less than 5 CVEs disclosed to its name due to stack-based buffer overflows in the SOAP that resulted in an exploit chain can be leveraged by an attacker to gain pre-authentication remote code execution on affected devices.
CVE-2023-27357 CVE-2023-27367 CVE-2023-27368 CVE-2023-27369 CVE-2023-27370
Job well done by Team82, read more here https://claroty.com/team82/research/chaining-five-vulnerabilities-to-exploit-netgear-nighthawk-rax30-routers-at-pwn2own-toronto-2022
torgo, 1 year ago @lirantal I always knew SOAP was a wash.
@lirantal I always knew SOAP was a wash.
janl, 1 year ago @torgo @lirantal clean code tho
@torgo @lirantal clean code tho
Add comment