Ostorlab: Mobile App Security Testing for Android and iOS

Tag

vulnerability

Assessing the Large-Scale Exposure of CUPS Vulnerabilities: Chained CVEs Leading to Remote Code Execution

This article assesses the large-scale exposure of systems to multiple CVEs affecting the CUPS printing service, which can be chained together to achieve unauthenticated remote code execution (RCE). We provide an overview of how these vulnerabilities, including CVE-2024-47176, work in tandem, walking through the exploit flow. Additionally, we analyze how many systems are potentially vulnerable and highlight a unique behavior observed during testing.

Youssef Badaoui

Saad Mazouzi


            Wed 16 October 2024

Security

ZIP Exploitation: Critical Vulnerabilities Found in Popular Zip Libraries in Swift and Flutter

Recent in-depth investigations reveal serious vulnerabilities discovered in widely-used zip packages in Flutter and Swift, posing serious security risks for thousands of developers and applications. Our article delves into the technical aspects of these vulnerabilities, explaining their discovery, implications and mitigation strategies.

Ostorlab Team


                  Fri 04 August 2023

Engineering

Life of a Scan: how OXO's open-source vulnerability scanner works

This article talks about how OXO works under the hood.

Rabson Phiri


                  Tue 02 August 2022

vulnerability

Assessing the Large-Scale Exposure of CUPS Vulnerabilities: Chained CVEs Leading to Remote Code Execution

ZIP Exploitation: Critical Vulnerabilities Found in Popular Zip Libraries in Swift and Flutter

Life of a Scan: how OXO's open-source vulnerability scanner works

Subscribe to the Ostorlab Newsletter