Häcker for hire @cyllective↗, annoying DnD player, and amateur film-photographer
I write about the things that scratched that one part of my brain. Those are mostly security-related topics I encounter during work or in my spare time. Some of my humble opinions might also find their way onto this site. I’m also the addict behind matelab.ch↗.
CVEs
- CVE-2022-40799↗: D-Link DNR-322L - Auth. RCE
- CVE-2024-8602↗: eCH-0196 SSK taxstatement.jar - XXE
- CVE-2024-9044↗: EasyTax AG - XXE
- CVE-2025-0422↗: Cordaware bestinformed Web - Auth. RCE
- CVE-2025-0423↗: Cordaware bestinformed Web - Unauth. XSS
- CVE-2025-0424↗: Cordaware bestinformed Web - Auth. XSS
- CVE-2025-0425↗: Cordaware bestinformed Infoclient - LPE
- CVE-2025-13154↗: Lenovo Vantage - Arb. File Delete (LPE)
- CVE-2026-1715↗: TBA - TBA
- CVE-2026-1716↗: TBA - TBA
- CVE-2026-1717↗: TBA - TBA