"Seamlessly Discovering Netgear Universal Plug-and-Pwn (UPnP) 0-days"
By my team

blog.grimm-co.com/2021/11/seam

It's a story of:
1. A stack-based buffer overflow in 2021
2. Working around some interesting limitations
3. A single ROP gadget that can reset the root password (or a more complicated chain to covertly get arbitrary code execution as root)
4. Parallel discovery with another security researcher, and
5. A f0rever day exploit for the unsupported routers
