Click "Sign up" to join the WhiteHub cybersecurity community
Choose a public program to start pentesting
Report any discovered vulnerability to claim rewards and accumulate reputation point in order to join restricted programs
Members with high experience points will be granted the Trusted status and invited to secret programs with extra perks
D-Link DNS-320 ShareCenter <= 2.05.B10 - Unauthenticated Remote code execution
CyStack Advisory IDCSA-2019-03CVE IDsCVE-2019-16057SeverityCriticalSynopsis CyStack security discovered a remote code execution vulnerability in the D-Link DNS-320 ShareCenter [http://sharecenter.dlink.com/products/DNS-320]device which its version is lower or equal 2.05.B10 . By exploiting the vulne...
Subdomain takeover - Chapter two: Azure Services
As I described in the chapter one [https://blog.cystack.net/subdomain-takeover/] , we can control the content of a sub-domain d by controlling the content of domain d1 that d points to through its CNAME record. Azure [https://azure.microsoft.com/en-us/], a popular cloud service offer many servi...