https://advisory.ruz.fi/Recent content on Riyan Firmansyah Research & PublicationsHugoen-usThu, 02 Jan 2025 00:00:00 +0000https://advisory.ruz.fi/talks/skill-issue-takeover-cloud-managed-router-copy/Thu, 02 Jan 2025 00:00:00 +0000https://advisory.ruz.fi/talks/skill-issue-takeover-cloud-managed-router-copy/Explain and explore embedded system hacking fundamentals, including static and dynamic analysis, real-world case studies, tools, and ethical considerations for security research and vulnerability disclosure.https://advisory.ruz.fi/talks/idsecconf-2023-takeover-cloud-managed-router/Sat, 04 Nov 2023 00:00:00 +0000https://advisory.ruz.fi/talks/idsecconf-2023-takeover-cloud-managed-router/Cloud Managed Routers are a combination of conventional routers and cloud management technology, developed to make it easier for users to remotely manage their routers. However, if implemented incorrectly, this feature can be exploited by unauthorized parties, and can even lead to the risk of router access being compromised. In this topic, I’ll briefly explain how this risk can arise.https://advisory.ruz.fi/disclosures/cve-2023-53881-reyee-cwmp-mitm-rce/Fri, 04 Aug 2023 00:00:00 +0000https://advisory.ruz.fi/disclosures/cve-2023-53881-reyee-cwmp-mitm-rce/ReyeeOS contains an unprotected CWMP (CPE WAN Management Protocol) communication that allows attackers to intercept and manipulate device communication through a man-in-the-middle attack, enabling arbitrary command execution on Ruijie Reyee devices.