Dawid Czagan, Founder and CEO at Silesia Security Labs and author of Bug Hunting Millionaire, is listed in HackerOne's Top 10 Hackers. In a recent article on his website, Czagan disclosed the details of a vulnerability combining both Cross-site Request Forgery (CSRF) and Remote Code Execution (RCE) on routers that led him to discover and gain access to the machines within the network of the router.
During his discovery, Czagan found out that the web interface of D-Link DIR-600 routers was vulnerable to a CSRF vulnerability. While CSRF is no longer listed in OWASP's Top 10, it is still a significant problem.
from DZone.com Feed http://bit.ly/2Aqf0Af
No comments:
Post a Comment