Hi, my name is Stefan Schiller (@scryh_). I have been a computer enthusiasts since my early childhood. Nowadays my main focus of interest is security research.
Discovered Vulnerabilities
Here is a list of vulnerabilities I discovered in public software:
Software | Vulnerability | Impact | CVE | Reference |
Guacamole | Use-After-Free | RCE | CVE-2023-30576 | Patch Notes |
Guacamole | Guacamole Protocol Injection | Information Disclosure, File Read | CVE-2023-30575 | Patch Notes |
OpenMeetings | Null-Byte Injection | RCE | CVE-2023-29246 | Patch Notes |
OpenMeetings | Logical | Auth Bypass | CVE-2023-29032 | Patch Notes |
OpenMeetings | Weak Hash Comparison | Auth Bypass | CVE-2023-28936 | Patch Notes |
OpenRefine | Zip Slip | Assisted RCE | CVE-2023-37476 | GitHub |
NETGEAR RAX30 | Stack-based Buffer Overflow | RCE | CVE-2023-34285 | ZDI-23-839 |
Pretalx | Path Traversal | Limited File Write | CVE-2023-28458 | Blog |
Pretalx | Path Traversal | Arbitrary File Read | CVE-2023-28459 | Blog |
Netdata | Command Injection | RCE | CVE-2023-22496 | GitHub |
Netdata | Logical | Auth Bypass | CVE-2023-22497 | GitHub |
OpenNMS | Unauthenticated, Stored XSS | Assisted RCE | CVE-2023-0846 | GitHub |
LibreNMS | Unauthenticated, Stored XSS | Assisted RCE | – | Blog, huntr.dev |
Cacti | Logical, Command Injection | RCE | CVE-2022-46169 | Blog, GitHub |
NagVis | Type Juggling | Auth Bypass | CVE-2022-3979 | Blog |
NagVis | Arbitrary File Read | RCE chain | CVE-2022-46945 | Blog |
Checkmk | Code Injection | RCE chain | CVE-2022-46836 | Blog, Patch Notes |
Checkmk | Line Feed Injection | RCE chain | CVE-2022-47909 | Blog, Patch Notes |
Checkmk | Server-Side Request Forgery | RCE chain | CVE-2022-48321 | Blog, Patch Notes |
Open Web Analytics | Information Disclosure / Arbitrary File Write | RCE | CVE-2022-24637 | Blog |
mpv media player | Format String / Heap Overflow | Assisted RCE | CVE-2021-30145 | Blog |
TeamSpeak 3 | Double-Free | DoS | – | Patch Notes |
AnyDesk | Format String | RCE | CVE-2020-13160 | Blog |