Do you know TheHive and Cortex ? TheHive is a free and open-source security incident response platform which relies on Cortex to analyze observables (IP, email addresses, domain names, etc…). Thanks to TheHive Project we had the chance to pentest these software a few weeks ago. TheHive team has decided to jointly publish […]

TheHive pentest

Bull/IBM Clusterwatch/Watchware is a VERY VERY OLD tool used by sysadmins to manage their AIX clusters. Marble effect in the web banner and questionable font: it smells the 90s ! Tool is mainly a web app with CGIs (shell scripts and binaries) and we have found three vulnerabilities in it: […]

[0day] Bull/IBM AIX Clusterwatch/Watchware vulnerabilities

Abstract Last summer during a pentest for a client we came across high-end IP cameras made by Geutebruck, a “leading German manufacturer and developer of high-quality, intelligent video security solutions” (source: and found a trivial remote command execution vulnerability (0day) affecting version and prior versions. We’ve choose to “responsible […]

[0day] Anonymous RCE on Geutebruck IP Cameras

Abstract Last summer during a pentest for a client we came across industrial switches made by Hirschmann, “a Belden Brand, (which) provides the industry with leading Ethernet networking technology and sets the industrial networking standards for quality, reliability and service.” (Source: ) and found a few unknown vulnerabilities (0day) affecting […]

[0day] Authentication Bypass on Belden Hirschmann GECKO switches