Vulnerability-Research

Today, I’ll be cracking open the AC1200 Dual Band Wi-fi Router vM32A3_V1410_240222 and attempting to get a UART shell! Let’s dive right into it. Opening the Router My first step was to identify the mechanisms keeping the router sealed. I found some screws hidden beneath plastic feet on the bottom of the router. I began by removing them as seen in the photo below. After I removed them, I still struggled to get the device open....

Introduction On November 19th, 2024, Qualys publicly disclosed five local privilege escalation vulnerabilities discovered in the needrestart binary that comes installed by default on Ubuntu Server installations. They disclose the technical details of these here, however, I will be attempting to rediscover CVE-2024-48990 prior to reading the technical details based purely on the information from the CVE description and references. Then, I will create my own exploit that gives me a reverse shell as root....