Pentester / Offensive Security Officer
I share with you my daily discoveries around pentesting and red teaming.
Here is the list of the vulnerabilities I discovered in products and that were published.
CVE-2018-3621 Intel Driver & Support Assistant: Drivers information disclosure bug through incorrect validation of the Origin header in local API requests (< 220.127.116.11)
CVE-2018-15481 UCOPIA Wireless Appliance restricted shell escape (< 5.1.13)
CVE-2017-17743 UCOPIA Wireless Appliance restricted shell escape (< 5.1.11 / 5.0.19 / 4.4.20)
CVE-2017-7344 Fortinet FortiClient Windows privilege escalation at logon
CVE-2016-5007 Spring Security / MVC Path Matching Inconsistency