Oh no, it's a variant of CVE-2024-29974... I accidentally found that a similar vuln affected Zyxel NWA50AX (Pro) and tested against devices (obviously) lacking the latest patches. This CVE was never publicly related to NWA50AX, though. Well, nice nday exercise then.
That sums up my week's vacation pretty well. And I have to say, I like it.
This was a pretty cool online course by @voidstarsec I can recommend.
First blog post draft for 2025 queued for release. Waiting for patches then…
Most of you know about Telerik or DevExpress, but ever heard of Syncfusion as another big global player? I found some interesting vulnerabilities in it, fixed in version v27.1.55. Unfortunately, Syncfusion still tries to understand CVE assignments 😅
Let's update some values for my latest Microsoft CVEs CVE-2024-35248+CVE-2024-35249. The blog post for my findings is almost done. Sending the draft in the next few days to MSRC for approval.
You're one of the 5M users liking Red Hat's VS Code plugin for XML language support? Automatic parsing means thinking about pasting from untrusted sources first.
#1paste2leak 😜