Last year we participated in the Pwn2Own 2023 Toronto competition and successfully exploited the Synology BC500 camera. The DEVCORE Internship Program team managed to exploit a bug in the TP-Link Omada Gigabit VPN Router. So I was naturally curious and wanted to figure out how difficult it would be to recreate that exploit having access only to a high-level bug description and the firmware.
Compass Security Blog
Offensive Defense
In this fourth part of the series, we analyze the memory corruption identified previously and manage to overwrite the program pointer!
© 2024 Compass Security Blog