5 posts tagged with "Research"

Some research stuff with Operational Technology (OT) Security

· 2 min read

It’s probably been a good half a year since I last showed my face here, and now I’m dropping 2 or 3 blog posts in a row. It’s mostly just more research into CVEs, and this one is no exception. The company gave us a target: either we punch this PLC, or we cannot sleep.

But because of that, my colleagues, my boss, and I were practically living in the lab. The result? We managed to find 7 bugs in Schneider Electric products. And hey, we got some sweet credit for it.

Credit 1: SEVD-2025-133-01

CVE-2025-27610: Local file inclusion

· 2 min read

After collecting a fair number of CVEs, I realized that having a CVE isn’t really that big of a deal—unless it’s a major one (or comes with a juicy bug bounty 😏). So I figured, why not challenge myself with a CVE that’s not from a giant like Microsoft or Google, but still big enough to push my limits a bit? That’s when I started hunting for a target with a few friends, just for fun. Then I thought—why not go for something a little off the beaten path?

That’s how I ended up looking into languages I hadn’t really touched much before, like Ruby, Rust, and Go. After some digging, I stumbled upon Rack—a Ruby interface that connects web servers with Ruby web applications.

Analysis CVE-2022-1471 (SnakeYaml)

· 8 min read

Introduction

CVE-2022-1471

This is specific to [email protected] and 1.32 versions. The vulnerability occurs when using SnakeYaml's "Constructor" class directly, but not when using "SafeConstructor".

The SnakeYaml library for Java is vulnerable to arbitrary code execution due to a flaw in its Constructor class. The class does not restrict which types can be deserialized, so an attacker who can supply a malicious YAML document for deserialization may be able to compromise the system.

Analysis CVE-2024-4367 (PDF.js)

· 10 min read

Introduction

CVE-2024-4367: Arbitrary JavaScript execution in PDF.js

CVE-2024-4367 is a critical vulnerability in the PDF.js library, which is widely used to render PDF files in web browsers.

The vulnerability allows an attacker to inject and execute arbitrary JavaScript code in the user's browser context, resulting in a Cross-Site Scripting (XSS) condition. It affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
