Publications

In the past I’ve worked on a few public projects that were either published in other news outlets or led to a CVE assignment:

  • Multiple vulnerabilities in the IP camera BASETech GE-131 BT-1837836 (CVE-2020-27553, CVE-2020-27554, CVE-2020-27555, CVE-2020-27556, CVE-2020-27557 and CVE-2020-27558) were publicly disclosed by me in this blog post.
  • I helped analyzing Webmin backdoors for an article at Golem.de which can be found here.
  • I publicly disclosed a vulnerability in the iOS QR code reader (CVE-2018-4187) in this blog post, which has been picked up by countless media outlets later such as The Register, heise.de and MacRumors.
  • A stored XSS vulnerability in Foreman (CVE-2017-15100) has been publicly disclosed by me in this blog post.
  • A stored XSS vulnerability in ownCloud (CVE-2012-4396) has been publicly disclosed by me in this blog post.