Category: Articles

How I hacked ASUS?

Hello folks! Today I want to talk about ASUS RCE vulnerability on rma.asus-europe.eu domain. I was trying to fill out service apply form for my personal laptop. I had a screen issue. I realised that there is an upload part to upload some warranty documents. I was trying to bypass upload restrictions by editing request….


CyberArk EPM Privilege Escalation Vulnerability – CVE-2018-13052

Hi everybody, today I just want to talk about CyberArk EPM Privilege Escalation vulnerability (CVE-2018-13052). Actually CyberArk made awesome product – at least in theoretically -. Companies can arrange privileges from one single console. It has a lot of options to arrange privileges. For example, you can set a specific application to elevate but at the same…


CyberArk EPM file block bypass – CVE-2018-14894

Hi folks! I found an interesting vulnerability on CyberArk Endpoint Privilege Manager. CyberArk EPM file block bypass (CVE-2018-14894) is very easy -even you have slave privileges-.CyberArk EPM aims to manage privileges from one hand and prevent any harm with admin privileges. How does CyberArk EPM work? If user needs admin privileges, CyberArk gives the admin token to…