News
The latest publications from modzero.
Blog
-
DISCLOSURE
When Backups Open Backdoors: Accessing Sensitive Cloud Data via "Synology Active Backup for Microsoft 365"
27 June 2025
A credential leaked by Synology allowed anyone unauthorized access to sensitive data of all Microsoft cloud tenants using “Active Backup for Microsoft 365” (ABM).
-
PLAYGROUND
ROPing our way to RCE
7 February 2025
From vulnerability to exploit - this post explores the journey of developing an ARM ROP chain to exploit a buffer overflow in uc-http. Dive into the process of reverse engineering, gadget hunting, and crafting a working exploit.
-
PLAYGROUND
Exploiting SSTI in a Modern Spring Boot Application (3.3.4)
8 January 2025
Learn how to exploit Server-Side Template Injection (SSTI) in a Spring Boot application using the Thymeleaf templating engine. Special focus is placed on bypassing defenses in newer versions.
-
PLAYGROUND
Tutorial: How we learned to love the doc(umentation)
14 October 2024
Just read documentation to get RCE?! Our colleague Theresa designed a tutorial guiding you through an OpenVPN exploit scenario — for you to try at home!
Advisories
-
[MZ-25-02] Synology Active Backup for Microsoft 365
27 June 2025
SynoOauth leaked credentials allowing unauthorized access to Microsoft Entra tenants using “Active Backup for Microsoft 365” (ABM)
-
[MZ-25-01] Via Browser for Android
27 February 2025
Via Browser was affected by a universal Cross-Site Scripting (uXSS) issue
-
[MZ-24-01] MailCleaner
29 April 2024
Unauthenticated Command Injection and Cross-Site Scripting (XSS) vulnerabilities in MailCleaner
-
[MZ-23-01] Poly VoIP Devices
29 December 2023
Several vulnerabilities in Poly VoIP devices