Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Exploring the Hidden Attack Surface of OEM Routers

Ekoparty Security Conference via YouTube

Overview

Delve into the hidden vulnerabilities of OEM routers in this 45-minute conference talk from Ekoparty 2022. Explore the challenges faced during the analysis of a top-selling router, leading to the discovery of a zero-click remote unauthenticated RCE vulnerability (CVE-2022-27255). Gain insights into the poor state of firmware security, where vulnerable code introduced down the supply chain often goes unreviewed, potentially causing significant impact. Learn how this research demonstrates that security is not a priority for vendors and opens opportunities for attackers to find high-impact bugs with low investment and minimal prior knowledge. Presented by Octavio Gianatiempo, a Security Researcher at Faraday and Computer Science student at the University of Buenos Aires, this talk combines expertise in reverse engineering, fuzzing, and vulnerability exploitation with a unique background in molecular biology and neuroscience.

Syllabus

Octavio Gianatiempo - Exploring the hidden attack surface of OEM routers - Ekoparty 2022

Taught by

Ekoparty Security Conference

Reviews

Start your review of Exploring the Hidden Attack Surface of OEM Routers

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.