About me
Nothing to see here for now…
I’m currently focusing/learning…
- C++ (and memory bugs)
- Malware developement
- DSA
- Code review on large OSS projects (abt 100k+ SLOC)
Areas of interest
- Low level stuff
- OSdev, Kernel, etc
- C, Assembly (x86 family, ARM)
- Network protocols (and their implementations)
- Program security
- Binary exploitation (mainly on x86 but sometimes ARM)
- Code review and bug hunting
- Reverse engineering
- Video games heh :)
Vulnerability reports
| CVE-ID | Vendor | Components | Exploit primitive | Security implications |
|---|---|---|---|---|
| CVE-2024-6044 | D-Link | Eagle pro home router | Path traversal | Arbitrary file read (Network adjacent) |
| CVE-2024-6045 | D-Link | Eagle pro home router | Hidden functionality, Hardcoded credential | RCE (Network adjacent, Pre-auth) |
| CVE-2024-45694 | D-Link | DIR-X home router | Stack-based buffer overflow | RCE (Pre-auth) |
| CVE-2024-45695 | D-Link | DIR-X home router | Stack-based buffer overflow | RCE (Pre-auth) |
| CVE-2024-45696 | D-Link | DIR-X home router | Hidden functionality, Hard-coded credential | RCE (Pre-auth) |
| CVE-2024-45697 | D-Link | DIR-X home router | Misconfiguration | RCE (Pre-auth) |
| CVE-2024-45698 | D-Link | DIR-X home router | Command injection | RCE (Authenticated) |
| Not assigned | Mongodb | libbson (part of Mongodb C driver) | OOB RW | Unspecified (Application-specific) |
| CVE-2025-24302 | Intel open source | TinyCBOR | Uncontrolled recursion | Denial-of-Service |
| CVE-2025-20025 | Intel open source | TinyCBOR | Improper character escaping | Unspecified (Application-specific) |
Contact
Feel free to reach out with any feedback:
OpenPGP public keys / Finger prints: