Please sumbit your encrypted report as a github issue. Thank you

Full Disclosure published reports

2024

• FDEU-CVE-2024-8ab4 - Globaltips using unprotected writable NFC cards.

2023

• FDEU-CVE-2023-77dc - Mezon SWC-9200 router is vulnerable to remote code execution.

• FDEU-CVE-2023-60ab - Registru Centras GoSign digital signature middleware insecure architecture.

• FDEU-CVE-2023-5ef0 - VeroCafe insecure mobile application.

2022

• CVE-2021-44827 - TP-Link router Archer C20i contains authenticated remote code execution vulnerability

• FDEU-CVE-2022-41c0 - Tele2 again incorrectly using HTTPS on its self-service website.

2021

• FDEU-CVE-2021-2F01 - Vulnerable Cgates router and outdated ACS management server

• FDEU-CVE-2021-525A - D-Link credentials decryption tool poc

• FDEU-CVE-2021-30F0 - Bypass of mobile internet restrictions

2020

• FDEU-CVE-2020-03081 - Temporary code's weakness in Tele2 self service API allows take over of any account

• FDEU-CVE-2020-1FC5 - Telia Technicolor TG389ac Samba privilege escalation exploit

• FDEU-CVE-2020-1C7E - Vulnerable Alcatel HH40V routers still being sold by Bite Lietuva

2019

• FDEU-CVE-2019-10222 - Multiple vulnerabilities in Telia's backdoor and self service could allow to run arbitrary code on an intranet server and remotely take over all users' routers

• FDEU-CVE-2019-275B - 10 years old SQL injection in Spykas VoIP provider could allow an authenticated remote attacker to deploy a web shell, leak personal data and use SIP credentials for free calls