IOT security intro

#資安
相關參考連結:

IOT101

論壇/研究筆記

IOT 漏洞復現

CVE-2025-9377 - OS command inj

firmware: https://www.tp-link.com/us/support/download/tl-wr841n/v8/ qemu-able?: Y 復現目標: 分析漏洞成因並成功注入

其他感覺有趣的方向

CISCO NAC service

CVE-2025-20281 firmware: Y runable: Y https://software.cisco.com/download/home/283801620/type/283802505/release/3.2.0 復現目標: 分析漏洞成因並成功RCE 目前進度: investagating[v] –-> reversing[v] —> exploiting[]

UEFI bypass安全開關機(cve-2024-7344)

https://www.welivesecurity.com/en/eset-research/under-cloak-uefi-secure-boot-introducing-cve-2024-7344/

firmware : Y 目前進度: investagating[v] –-> reversing

UEFI 相關CVE與復現資料參考

https://eclypsium.com/blog/ueficanhazbufferoverflow-widespread-impact-from-vulnerability-in-popular-pc-and-server-firmware/

>https://nvd.nist.gov/vuln/detail/cve-2024-0762