NETGEAR Router, WD NAS Device hackedSecurity Affairs

N

 

Pwn2Own Tokyo 2020 hacking competitors is began, bug bounty hunters already hacked a NETGEAR router and a Western Digital NAS gadgets.

The favored Pwn2Own Tokyo hacking competitors is began and as a result of COVID-19 pandemic, the competitors has been organized as a digital occasion.

NETGEAR Router, WD NAS Device hackedSecurity Affairs

The Pwn2Own Tokyo is definitely coordinated by Zero Day Initiative from Toronto, Canada, and white hat hackers participating within the competitors must show their capacity to search out and exploit vulnerabilities in a broad vary of gadgets.

On the day one of many competitors, bug bounty hunters have efficiently hacked a vulnerability within the NETGEAR Nighthawk R7800 router. The members had been the Crew Black Espresso, Crew Flashback, and groups from cybersecurity companies Starlabs and Trapa Safety, and the Crew Flashback earned $20,000 for a distant code execution exploit that ensuing from the chaining of two bugs within the WAN interface.

“The workforce mixed an auth bypass bug and a command injection bug to achieve root on the system. They win $20,000 and a couple of factors in direction of Grasp of Pwn.” reads the put up on the official website of the Pwn2Own Tokyo 2020.

The Trapa workforce efficiently chained a pair of bugs to achieve code execution on the LAN interface of the router, the consultants earned $5,000 and 1 level in direction of Grasp of Pwn.

The STARLabs workforce earned the identical quantity after utilizing a command injection flaw to take management of the system.

The Western Digital My Cloud Professional collection PR4100 NSA system was focused by The Trapa Safety workforce additionally earned $20,000 for a working exploit for the Western Digital My Cloud Professional collection PR4100 NSA system.

The exploit code chained an authentication bypass bug and a command injection vulnerability to achieve root on the system.

The 84c0 Crew obtained partial success demonstrating a distant code execution exploit that leveraged a beforehand recognized challenge.

Within the afternoon, the Viettel Cyber Safety workforce focused a Samsung sensible TV, the Samsung Q60T tv, acquiring partial success as a result of the usage of a recognized vulnerability.

“The Viettel Crew was capable of get a reverse shell on a totally patched Samsung TV, however it was accomplished utilizing a recognized bug. This counts as a partial win, however it does web them 1 level in direction of Grasp of Pwn.” continues the put up.

Day two of Pwn2Own Tokyo already began, the members will try to hack TP-Hyperlink and NETGEAR routers, WD and Synology NAS gadgets, and Sony and Samsung TVs.

On the time of writing, Crew Flashback received one other $20,000 and a couple of extra Grasp of Pwn factors focusing on the WAN interface on the TP-Hyperlink AC1750 Good WiFi router.

In 2019, final 12 months’s Pwn2Own Tokyo, members earned a complete of $315,000 for disclosing 18 completely different flaws.

Pierluigi Paganini

(SecurityAffairs – hacking, Pwn2Own Tokyo)

 


 

\\readyshare,netgear readyshare not working,readyshare mac,access readyshare from android,netgear readyshare printer,best external hard drive for netgear router,readynas 212,netgear readynas software,readynas 214,readynas 422,readynas login,netgear 4tb nas drive,readyshareusb_storage android,netgear readyshare not detecting usb drive,netgear customer care india,router service center near me,tenda wifi router customer care number,netgear india orbi,netgear new connection,netgear distributor in pune,netgear readyshare usb drive format,netgear format usb drive,wdby8l0020bbk-pesn,seagate usb3.0 8tb model:srd0pv1,readynas enterprise,readycloud,netgear readyshare,smb://readyshare,readynas

Latest Posts