Dustin Cobb, Author at Security Boulevard

Hot Topics

XZ Utils-Like Takeover Attempt Targets the OpenJS Foundation
USENIX Security ’23 - The Maginot Line: Attacking The Boundary Of DNS Caching Protection
What it takes to do Cloud Detection & Response
Glitter and… Firewalls? How to stay safe this festival season
The Unseen Powerhouse: Demystifying Authentication Infrastructure for Tech Leaders

RCE Using Caller ID – Multiple Vulnerabilities in FusionPBX

Dustin Cobb | June 7, 2019

Aon’s Cyber Solutions has recently discovered several vulnerabilities in FusionPBX, an open-source VoIP PBX application that runs on top of the FreeSWITCH VoIP switch. These vulnerabilities allow for novel exploitation vectors, including an exploit chain that is triggered by a phone call with a malicious caller ID value that leads ... Read More

Blog

Remote Code Execution in BlogEngine.NET

Dustin Cobb | March 28, 2019

Aon’s Cyber Solutions Security Testing team recently discovered a vulnerability, CVE-2019-6714, in the BlogEngine.NET blogging software platform affecting versions 3.3.6.0 and earlier. This issue allows for remote code execution through a path traversal vulnerability in the file upload feature available to blog post editors. A fix is available in the ... Read More

Blog