News
The latest news published by modzero.
Blog
- DISCLOSURE
When Backups Open Backdoors: Accessing Sensitive Cloud Data via "Synology Active Backup for Microsoft 365"
June 27, 2025
A credential leaked by Synology allowed anyone unauthorized access to sensitive data of all Microsoft cloud tenants using “Active Backup for Microsoft 365” (ABM).
- PLAYGROUND
ROPing our way to RCE
February 7, 2025
From vulnerability to exploit - this post explores the journey of developing an ARM ROP chain to exploit a buffer overflow in uc-http. Dive into the process of reverse engineering, gadget hunting, and crafting a working exploit.
- PLAYGROUND
Exploiting SSTI in a Modern Spring Boot Application (3.3.4)
January 8, 2025
Learn how to exploit Server-Side Template Injection (SSTI) in a Spring Boot application using the Thymeleaf templating engine. Special focus will be set on bypassing defenses in newer versions.
- PLAYGROUND
Tutorial: How we learned to love the doc(umentation)
October 14, 2024
Just read documentation to get RCE?! Our colleague Theresa designed a tutorial guiding you through an OpenVPN exploit scenario — for you to try at home!
Advisories
[MZ-25-02] Synology Active Backup for Microsoft 365
June 27, 2025
SynoOauth leaked credentials allowing unauthorized access to Microsoft Entra tenants using “Active Backup for Microsoft 365” (ABM)
[MZ-25-01] Via Browser for Android
February 27, 2025
Via Browser was affected by a universal Cross-Site Scripting (uXSS) issue
[MZ-24-01] MailCleaner
April 29, 2024
Unauthenticated Command Injection and Cross-Site Scripting (XSS) vulnerabilities in MailCleaner
[MZ-23-01] Poly VoIP Devices
December 29, 2023
Several vulnerabilities in Poly VoIP devices