all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Puckungfu 2: Another NETGEAR WAN Command Injection

Add to bookmarks
Feb. 9, 2024, noon | McCaulay Hudson

NCC Group Research Blog research.nccgroup.com

A story on finding a zero day attacking the NETGEAR WAN interface after a last minute patch for Pwn2Own 2022, involving a command injection, predicting random numbers, boot timing and voltage supply variations.

boot command command injection hardware & embedded systems injection interface netgear numbers patch pwn2own random random numbers research reverse engineering story supply voltage vulnerability vulnerability research wan

Visit resource

More from research.nccgroup.com / NCC Group Research Blog

Why AI Will Not Fully Replace Humans for Web Penetration Testing 1 day, 14 hours ago | research.nccgroup.com
advancements ai-powered artificial artificial intelligence +27
Integrating DigitalOcean into ScoutSuite 5 days, 19 hours ago | research.nccgroup.com
addition apac april auditing +15
Cranim: A Toolkit for Cryptographic Visualization 1 week, 1 day ago | research.nccgroup.com
block cbc cipher code +17
Announcing the Cryptopals Guided Tour Video 17: Padding Oracles! 1 week, 1 day ago | research.nccgroup.com
cryptography study guide tutorial
Ghidra nanoMIPS ISA module 3 weeks, 4 days ago | research.nccgroup.com
architecture aware baseband embedded +21
Sifting through the spines: identifying (potential) Cactus ransomware victims 1 month, 1 week ago | research.nccgroup.com
access blog cactus cactus ransomware +17
Public Report – Confidential Mode for Hyperdisk – DEK Protection Analysis 1 month, 2 weeks ago | research.nccgroup.com
analysis architecture confidential data +19
Non-Deterministic Nature of Prompt Injection 1 month, 2 weeks ago | research.nccgroup.com
attack easy explained exploiting +10
Technical Advisory – Ollama DNS Rebinding Attack (CVE-2024-28224) 1 month, 3 weeks ago | research.nccgroup.com
access advisory api attack +24

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com