Home | VerSprite Resources

Exploitation of Vulnerabilities

We are passionate about helping our clients chart a course that brings security and business together.

Android

Blog Post

Exploring Android Vulnerabilities and Binder: Part II Building POC Code with Android NDK

This blog continues Part I of the android exploitation experiment. We build a proof-of-concept code with an Android NDK. UAF vulnerability (CVE-2019-2215)

Learn more

Android Vulnerability

Blog Post

Exploitation of Vulnerabilities

Exploring Android Vulnerabilities and Binder: Part I

This blog post will trigger a UAF vulnerability (CVE-2019-2215) in Binder from scratch. After preparing the necessary environment and tools, we will reach the KASAN output with the POC exploit.

Learn more

NETGEAR Nighthawk WiFi Router Vulnerability Bug | VerSprite Security Research

Blog Post

VerSprite Finds Vulnerability in NETGEAR Nighthawk WiFi Router

VerSprite’s Security Research team found a high-risk vulnerability in NETGEAR’s popular gaming router. This vulnerability analysis details more on the risk level, disclosure timeline, the ZEBRA daemon vulnerability, and patch information.

Learn more

Opto 22 PAC Factory Software Security concern | VerSprite Cyber Security

Blog Post

Opto 22 PAC security vulnerability

Unpatched Security Vulnerability in OPTO 22 PAC Basic Software

This ungated Vulnerability Analysis Report outlines the vulnerabilities found by VerSprite’s security research team within Razer’s Synapse 3 software suite, including risk level, disclosure timeline, and remediation information. The vulnerabilities covered are CVE-2021-30493 and CVE-2021-30494.

Learn more

Razer-Synapse-3-Security-Vulnerability-Analysis-2

Blog Post

Exploitation of Vulnerabilities

Razer Synapse 3 Security Vulnerability Analysis Report

This ungated Vulnerability Analysis Report outlines the vulnerabilities found by VerSprite’s security research team within Razer’s Synapse 3 software suite, including risk level, disclosure timeline, and remediation information. The vulnerabilities covered are CVE-2021-30493 and CVE-2021-30494.

Learn more

Blog Post

named pipe static analysis

Windows Named Pipes Part 4: Taking a Trip Down Static Analysis Lane

In the last iteration of our four-part series, VerSprite’s security researchers examine real-world examples of reversing and exploiting Windows named pipe servers within applications using a custom vulnerable application. The methods covered to achieve this goal is through static analysis.

Learn more

Blog Post

Ematic Wavlink Winstar Jetstream Router Security Backdoor

Ematic, Wavlink, Winstars, and Jetstream Wi-Fi Routers Have Hidden Backdoor

A web-accessible backdoor was found in affordable Wi-Fi routers sold at Walmart, eBay, and Amazon. In this article, VerSprite experts explore the backdoor vulnerability investigation and provide mitigation solutions.

Learn more

How-to-Reverse-and-Exploit-Windows-Named-Pipe-Servers---VerSprite

Blog Post

Security Vulnerabilities

Part 3: Reversing & Exploiting Custom Windows Named Pipe Servers

In part three of this four-part series, VerSprite’s security researchers examine real-world examples of reversing and exploiting Windows named pipe servers within applications using a custom vulnerable application. The methods covered to achieve this goal is through using both dynamic analysis and static analysis.

Learn more

Blog Post

What is Responsible Disclosure?

What is responsible disclosure? In this article, VerSprite will outline a typical process for zero-day vulnerability reporting, the ethics behind hacking, and provide real-world examples of our responsible disclosures.

Learn more

We are an international squad of professionals working as one.

Email

[email protected]

logos