Guido Vranken



Recent Posts

Uncovering Memory Defects in cereal (CVE-2020-11104 & CVE-2020-11105)

Introduction

Deserialization of untrusted input is a common attack vector, making both the MITRE top-25 most dangerous software errors. Even without an attacker, mistakes in serialization or deserialization decrease the reliability of your code.  

Read More

Uncovering OpenWRT remote code execution (CVE-2020-7982)

Introduction

For ForAllSecure, I’ve been focusing on finding bugs in OpenWRT using their Mayhem software. My research on OpenWRT has been a combination of writing custom harnesses, running binaries of the box without recompilation, and manual inspection of code.

Read More

Stay Connected

Information Management Today

Subscribe to updates