McCaulay Hudson

Puckungfu: A NETGEAR WAN Command Injection

Summary Vulnerability Details Overview Execution Flow /bin/pucfu /usr/lib/libfwcheck.so get_check_fw fw_check_api curl_post /lib/libpu_util.so SetFileValue pegaPopen Check Firmware HTTPS Normal Request Response Exploitation Command Injection Response Root Shell Final Notes Patch Pwn2Own Note Summary This blog post describes a command injection vulnerability found and exploited in November 2022 by NCC Group in…

Read more
McCaulay Hudson
Hardware & Embedded Systems
Research
Reverse Engineering
UK Research
Vulnerability

December 22, 2022

7 mins read

Read more

MeshyJSON: A TP-Link tdpServer JSON Stack Overflow

Summary Target Binary tdpServer Architecture Mitigations Forks Understanding The Vulnerability Reaching The Vulnerable Function Broadcast Fork Flow Server Fork Flow JSON Array Stack Overflow Triggering The Bug Broadcast Fork Response Server Fork Request Vulnerability Constraints Storing Arbitrary Content In Memory cJSON Summarized cJSON Struct cJSON Data cJSON Heap Memory Single…

Read more
McCaulay Hudson
Hardware & Embedded Systems
Research
Reverse Engineering
UK Research
Vulnerability

December 19, 2022

27 mins read

Read more