cq674350529Pwn2Own2020 Synology NAS Netatalk Heap Overflow AnalysisBased on Synology `DSM 6.1.7–15284` version, this article analyzes a heap overflow vulnerability used at the Pwn2Own Tokyo 2020…Sep 4Sep 4
cq674350529Analyzing the MiniDLNA HTTP Chunk Parsing Vulnerability (CVE-2023–33476)Analyze an out-of-bounds read/write vulnerability in the MiniDLNA, and focus on the exploitation techniques of the vulnerabilityApr 3Apr 3
cq674350529A Journey into Synology NAS — Part 4: HTTP Request Processing Flow and Vulnerability AnalysisPrefaceDec 3, 2023Dec 3, 2023
cq674350529A Journey into Synology NAS — Part3: Analyzing iscsi_snapshot_comm_core ServiceThis article will analyze another service called “iscsi_snapshot_comm_core”, and share several security issues discovered within the serviceSep 23, 2023Sep 23, 2023
cq674350529Analyzing the Vulnerability in ASUS Router (maybe) from TFC2021Based on the ASUS RT-AX56U V2 router, this article analyzes the integer overflow vulnerability used in 2021 Tianfu Cup hacking competiton.Aug 5, 2023Aug 5, 2023
cq674350529Patch Diff an Old Vulnerability in Synology NASThis article uses patch diff technique to locate and analyze the vulnerability mentioned in the Synology security advisory…Apr 9, 2023Apr 9, 2023
cq674350529A Journey into Synology NAS — Part 2: Analyzing findhostd ServiceAnalyze the findhostd service on Synology NAS, including the communication mechanism, the syno_finder protocol format, and protocol…Mar 7, 2023Mar 7, 2023
cq674350529Analyzing an Old Netatalk dsi_writeinit Buffer Overflow Vulnerability in NETGEAR RouterDue to lack of proper validation on certain fields, a buffer overflow would occur when calling memcpy() in dsi_writeinit()Feb 9, 2023Feb 9, 2023
cq674350529A Journey into Synology NAS — Part 1: Introduction to Synology NASGive a simple introduction to Synology NAS, and provide methods for setting up a Synology NAS environmentFeb 5, 2023Feb 5, 2023
