This repository will contain security-related stuff I am doing.
Here you can find my writeups and proof of concepts for the vulnerabilities I have discovered. You can also find more information on my blog: https://hackerask.com
| Title | Severity (CVSS) | References (CVE, GHSA, etc.) |
|---|---|---|
| Root RCE via Arbitrary File Write in GeoIP Alias Importer | Critical (9.9) | - CVE-2026-57155 - GHSA-wjqq-rfmm-v5h3 - Blog Post |
| Stored XSS in Firewall Rules/NAT pages via a HTML-attribute breakout | Moderate (5.4) | - CVE-2026-58391 - GHSA-2xrm-p255-p43h - Blog Post |
| Stored XSS in Services: NTP GPS | Moderate (5.4) | - CVE-2026-58392 - GHSA-h793-67jm-j4m5 - Blog Post |
| XPath injection in MVC safe-delete | Moderate (4.3) | - CVE-2026-58395 - GHSA-98h6-479q-9q3w - Blog Post |
| Stored XSS in Administration Settings via Certificate Description | Moderate (5.2) | - CVE-2026-58394 - GHSA-8pgr-x852-qx4j - Blog Post |