Publications

While most of my work is under NDAs, I’ve also worked on a few public projects that were either published in other news outlets or led to a CVE assignment:

  • Multiple vulnerabilities in the Blurams Lumi Security Camera A31C (CVE-2023-50488 and CVE-2023-51820) were publicly disclosed by me in this blog post.
  • Reflected Cross Site Scripting (CVE-2023-22309), Denial of Service (CVE-2023-22318), and privilege escalation (CVE-2023-22294) vulnerabilities in the Checkmk Appliance software.
  • A replay attack in Meross smart devices (CVE-2021-35067) has been publicly disclosed in this blog post.
  • Multiple vulnerabilities in the IP camera BASETech GE-131 BT-1837836 (CVE-2020-27553, CVE-2020-27554, CVE-2020-27555, CVE-2020-27556, CVE-2020-27557 and CVE-2020-27558) were publicly disclosed by me in this blog post.
  • I helped analyze Webmin backdoors for an article at Golem.de, which can be found here.
  • I publicly disclosed a vulnerability in the Apple iOS QR code reader (CVE-2018-4187) in this blog post, which was later picked up by countless media outlets such as The Register, heise.de and MacRumors.
  • A stored XSS vulnerability in Foreman (CVE-2017-15100) has been publicly disclosed by me in this blog post.
  • A stored XSS vulnerability in ownCloud (CVE-2012-4396) has been publicly disclosed by me in this blog post.