Hello everyone, today I will be talking about one of the critical bugs which I found in the Oracle Corporation. Now, let’s start with the recon process Step 1 : 1)There are multiple tools by which you can get subdomains, a few of them are given below… i) Findomain ii)…

Use of Default Credentials to Unauthorised Remote Access of Internal Panel of Tieline. 👨🏼‍💻Discovered by Pratik Khalane 📝Published on 01/07/2021. 📄Vulnerable version ≤ 2.6.4.8 🔗Vendor Homepage: https://tieline.com/gateway/ CVE Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35336 Bug Description: A vulnerability in the Tieline Web Administrative Interface on Version 2.6.4.8 and Below Could allow an Unauthenticated Remote User to access a sensitive part of the system with a high privileged account.

Hello everyone, today I will be talking about one of the critical bug which I found on the BBC website which is bypassing the admin portal using the default credentials. Now, let’s start with the recon process Step 1 : 1)There are multiple tools by which you can get subdomains…

This is my first article and I hope you guys will surely learn something new. Since I am not allowed to disclose the information about the company, let’s assume it as example.com. The main domain was the only scope to test for finding vulnerabilities. Now Lets Jump into the bug…………. …