Recent Vulmon Research Posts

QNAP NAS HBS 3 Hybrid Backup Syn Hard-Coded Credentials QLocker Ransomware is using this vulnerability to encrypt files of QNAP customers.

Write-up of CVE-2021-30481 Source engine remote code execution via game invites

Pulse Connect Secure remote code execution through authentication bypass. CVSS V3.1 risk score is 10/10. The vulnerability has been exploited in the wild by the threat actor UNC2630. According to Fireeye UNC2630 may have ties with APT5 and the Chinese government.

Airstrike Attack - FDE bypass and EoP on domain joined Windows workstations (CVE-2021-28316)

Remote exploitation of a man-in-the-disk vulnerability in WhatsApp (CVE-2021-24027)

Valve Steam remote code execution. This vulnerability works for all Source Engine games. Exploitation video:

Exploit of CVE-2020-16040 Google Chrome <= 87.0.4280.88 vulnerability

CVE-2019-8761 is an interesting macOS bug that lets attackers execute HTML within a TXT file, leak files, and do all sorts of other funky things

Zoom Unintended Screen Sharing Vulnerability POC: