Ressourcen
>
Research

Research Blog

Bleiben Sie mit den neuesten Sicherheitshinweisen, Schwachstellenberichten und Plattformentwicklungen auf dem Laufenden — damit Ihre Produkte sicher und konform sind.

Ausgewählte Research-Artikel

Security Advisory: Remote Code Execution on Viasat Modems (CVE-2024-6199)
Research
Apr 25, 2025
5
min. Lesezeit

Security Advisory: Remote Code Execution on Viasat Modems (CVE-2024-6199)

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Viasat modems. Learn about the risks and recommended actions.

Quentin Kaiser
Quentin Kaiser
Lead Security Researcher
Mehr lesen
Security Advisory: Remote Code Execution on Viasat Modems (CVE-2024-6198)
Research
Apr 25, 2025
5
min. Lesezeit

Security Advisory: Remote Code Execution on Viasat Modems (CVE-2024-6198)

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Viasat modems. Learn about the risks and recommended actions.

Quentin Kaiser
Quentin Kaiser
Lead Security Researcher
Mehr lesen
Critical Vulnerabilities in EV Charging Stations: Analysis of eCharge Controllers
Research
Nov 26, 2024
20
min. Lesezeit

Critical Vulnerabilities in EV Charging Stations: Analysis of eCharge Controllers

Discover how severe security flaws, including unauthenticated remote command execution (CVE-2024-11665 & CVE-2024-11666), affect eCharge EV charging controllers. Learn about insecure firmware practices, cloud infrastructure issues, and actionable steps to mitigate risks in EV charging systems.

Quentin Kaiser
Quentin Kaiser
Lead Security Researcher
Mehr lesen
Security Advisory: Arbitrary Command Execution on TP-Link Archer C5400X
Research
May 26, 2024
5
min. Lesezeit

Security Advisory: Arbitrary Command Execution on TP-Link Archer C5400X

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in the TP-Link Archer C5400X router. Learn about the risks and recommended actions.

Mehr lesen
Bisherige
Weiter

Alle Research-Artikel

OpenSSL released a patch for high severity vulnerabilities – do operators and vendors of connected devices need to worry?
Research
Nov 1, 2022
3
min. Lesezeit

OpenSSL released a patch for high severity vulnerabilities – do operators and vendors of connected devices need to worry?

OpenSSL released a patch for high severity vulnerabilities – do operators and vendors of connected devices need to worry? Read more!

Mehr lesen
Security Advisory: NETGEAR Routers FunJSQ Vulnerabilities
Research
Sep 14, 2022
9
min. Lesezeit

Security Advisory: NETGEAR Routers FunJSQ Vulnerabilities

Detailed vulnerability analysis identifies several problems in FunJSQ on NETGEAR Routers & Orbi WiFi Systems. Read latest Security Advisory here 👉

Mehr lesen
Advisory: Cisco Small Business RV Series Routers Web Filter Database Update Command Injection Vulnerability
Research
Aug 8, 2022
5
min. Lesezeit

Advisory: Cisco Small Business RV Series Routers Web Filter Database Update Command Injection Vulnerability

The advisory describes a vulnerability ONEKEY identified when hunting for bugs to craft exploit chains for PWN2OWN 2021. Read advisory!

Mehr lesen
Advisory: FESTO: CECC-X-M1 - Command Injection Vulnerabilities
Research
Jul 6, 2022
5
min. Lesezeit

Advisory: FESTO: CECC-X-M1 - Command Injection Vulnerabilities

To evaluate and strengthen the automated vulnerability detection capabilities of ONEKEY, we frequently download and analyze firmware images from a variety of vendors. This is how we stumbled upon the CECC-X-M1 product line, an industrial controller manufactured by FESTO.

Mehr lesen
Advisory: Cisco RV340 Dual WAN Gigabit VPN Router (RCE over LAN)
Research
Feb 16, 2022
12
min. Lesezeit

Advisory: Cisco RV340 Dual WAN Gigabit VPN Router (RCE over LAN)

The IoT Inspector Research Lab uncovered vulnerabilities in Cisco RV340 leading to remote command execution as root over the LAN interface.

Mehr lesen
Advisory: Western Digital My Cloud Pro Series PR4100 RCE
Research
Feb 14, 2022
7
min. Lesezeit

Advisory: Western Digital My Cloud Pro Series PR4100 RCE

The IoT Inspector Research Lab uncovered a command injection vulnerability on Western Digital My Cloud Pro Series PR4100.

Mehr lesen
How-To: Extracting Decryption Keys for D-Link
Research
Nov 24, 2021
8
min. Lesezeit

How-To: Extracting Decryption Keys for D-Link

Find out how the IoT Inspector Research Lab extracted an encryption key for a subset of D-Link routers - in particular the D-Link DIR-X1560.

Mehr lesen
Advisory: Cisco ATA19X Privilege Escalation and RCE
Research
Oct 6, 2021
5
min. Lesezeit

Advisory: Cisco ATA19X Privilege Escalation and RCE

We found lacking user privilege separation enforcement and post-authentication command injection remote code execution within Cisco ATA19X firmware.

Mehr lesen
Swiming Upstream: Aufdeckung von Broadcom SDK-Schwachstellen anhand von Bugreports
Research
Oct 4, 2021
14
min. Lesezeit

Swiming Upstream: Aufdeckung von Broadcom SDK-Schwachstellen anhand von Bugreports

IoT Inspector identifizierte Sicherheitslücken in der UPnP-Implementierung des SDK von Broadcom, von denen Anbieter wie Cisco oder Linksys betroffen sind.

Mehr lesen
Schauen Sie sich Whitepapers an

Schauen Sie sich Whitepapers an

Lesen Sie ausführliche Whitepapers zu Cybersicherheit und Compliance, die darauf ausgelegt sind, die Sicherheit und Compliance Ihres Produkts zu verbessern.

Treffen Sie uns auf Veranstaltungen

Treffen Sie uns auf Veranstaltungen

Nehmen Sie an branchenführenden Veranstaltungen teil und tauschen Sie sich persönlich mit unseren Experten aus, um zu erfahren, wie Sie Ihre Cybersicherheits- und Compliance-Strategien verbessern können.

Einblicke aus unserem Blog

Einblicke aus unserem Blog

Holen Sie sich Expertentipps und Branchen-Updates.
In unserem Blog finden Sie praktische Ratschläge, Trends und Lösungen, die Ihnen helfen, sicher und konform zu bleiben.

Bereit zur automatisierung ihrer Cybersicherheit & Compliance?

Machen Sie Cybersicherheit und Compliance mit ONEKEY effizient und effektiv.

Eine Demo buchen