789 matches found
binary-exploitation
binary-exploitation A collection of binary exploitation...
CVE-2026-0754
An embedded test key and certificate could be extracted from a Poly Voice device using specialized reverse engineering tools. This extracted certificate could be accepted by a SIP service provider if the service provider does not perform proper validation of the device certificate...
CVE-2025-69969
The CVE concerns SRK Powertech Pvt Ltd Pebble Prism Ultra v2.9.2, where a lack of authentication and authorization in the BLE protocol enables an attacker within BLE proximity to reverse engineer the protocol and execute arbitrary commands on the device without a connection. The issue also permit...
CVE-2025-69969
A lack of authentication and authorization mechanisms in the Bluetooth Low Energy (BLE) communication protocol of SRK Powertech Pvt Ltd Pebble Prism Ultra v2.9.2 allows attackers to reverse engineer the protocol and execute arbitrary commands on the device without establishing a connection. This is...
EUVD-2026-9270
An embedded test key and certificate could be extracted from a Poly Voice device using specialized reverse engineering tools. This extracted certificate could be accepted by a SIP service provider if the service provider does not perform proper validation of the device certificate...
CVE-2026-0754 SIP Service Providers – Possible Impersonation of Poly Voice Device
An embedded test key and certificate could be extracted from a Poly Voice device using specialized reverse engineering tools. This extracted certificate could be accepted by a SIP service provider if the service provider does not perform proper validation of the device certificate...
PT-2026-22708
An embedded test key and certificate could be extracted from a Poly Voice device using specialized reverse engineering tools. This extracted certificate could be accepted by a SIP service provider if the service provider does not perform proper validation of the device certificate...
CVE-2025-1242
The administrative credentials can be extracted through application API responses, mobile application reverse engineering, and device firmware reverse engineering. The exposure may result in an attacker gaining full administrative access to the Gardyn IoT Hub exposing connected devices to malicio...
EUVD-2025-208113
The administrative credentials can be extracted through application API responses, mobile application reverse engineering, and device firmware reverse engineering. The exposure may result in an attacker gaining full administrative access to the Gardyn IoT Hub exposing connected devices to malicio...
CVE-2025-1242 Administrative Credentials Can Be Extracted Through Gardyn API Responses
The administrative credentials can be extracted through application API responses, mobile application reverse engineering, and device firmware reverse engineering. The exposure may result in an attacker gaining full administrative access to the Gardyn IoT Hub exposing connected devices to malicio...
CVE-2025-1242
CVE-2025-1242 affects Gardyn Home Kit via Gardyn IoT Hub. Root cause: hard-coded administrative credential iothubowner exposed across multiple vectors (API responses, mobile app, and device firmware), enabling unauthenticated full admin access to the hub and connected devices. Connected documents...
Gardyn 4 Trust Management Vulnerability
Gardyn 4 is a home-use vertical hydroponic cultivation system developed by the American company Gardyn. Gardyn 4 has a vulnerability related to trust management. This vulnerability stems from the ability to extract management credentials through application API responses, mobile application rever...
PT-2026-21920
Name of the Vulnerable Software and Affected Versions: Gardyn IoT Hub (affected versions not specified). Description: Administrative credentials can be extracted through application API responses, mobile application reverse engineering, and device firmware reverse engineering. This exposure may allow ...
Hobby coder accidentally creates vacuum robot army
Sammy Azdoufal wanted to steer his robot vacuum with a PS5 controller. Like any good maker, he thought it would be fun to drive a new DJI Romo around manually. He ended up gaining access to an army of robotic cleaners that gave him eyes into thousands of homes. Driven by purely playful reasons,...
A Real-Time Approach to Autonomous CAN Bus Reverse Engineering
This paper introduces a real-time method for reverse engineering a vehicle's CAN bus without prior knowledge of the vehicle or its CAN system. By comparing inertial measurement and CAN data during significant vehicle events, the method accurately identified the CAN channels associated with the...
Djena_Bertrand
Description: This is the writeup on the challenges we solved duri...
PT-2026-5711
Name of the Vulnerable Software and Affected Versions: Rizin versions prior to 0.8.2. Description: Rizin, a reverse engineering framework, contains a flaw where a heap overflow can occur when processing maliciously crafted mach0 files with invalid dyld chained segment entries. This issue can be...