CVE-2020-8423: exploiting the TP-LINK TL-WR841N V10 router

In this post I’ll explore the vulnerability that I found in the TL-WR841N router, a MIPS device by TP-Link, during a code auditing and how I wrote an exploit for it. To this vulnerability has been assigned the CVE-2020-8423.

CVE-2020-9544: DLink DSL-2640B un-authenticated firmware upgrade

This is a post about CVE-2020-9544 that involves the router DSL-2640B by D-Link. I did a simple security assessment on a my old specimen because I changed ISP and this allowed me to change router.

Tips and tricks in debugging kernel drivers in Linux

This post includes a couple of notes about linux kernel debugging, in particular the things that I keep forgetting.

Build embedded systems with buildroot

Buildroot is an integration system used to obtain complete bootable embedded systems; it uses a KConfig configuration mechanism (the menuconfig thing).

Attach images to a Django model without using database backed fields

In this post I want to create a model field that allows to manage derived images from a pre-existing field in the same model without using the database to store the path of the derived images but to derive it from a predefined convention.