m1tz
@m1tzzz.bsky.social
Web Security Expert | Bug Hunter | Käferjäger
Reposted by m1tz
Latest ≠ Greatest? A Retrospective Analysis of CVE-2025-59287 in Microsoft WSUS from our very own @mwulftange.bsky.social who loves converting n-days to 0-days code-white.com/blog/wsus-cv...
CODE WHITE | A Retrospective Analysis of CVE-2025-59287 in Microsoft WSUS
How the n-day research for a suspected vulnerability in Microsoft WSUS (CVE-2025-59287) led to the surprising discovery of a new `SoapFormatter` vulnerability added by the Patch Tuesday updates of Oct...
code-white.com
October 29, 2025 at 1:05 PM
Latest ≠ Greatest? A Retrospective Analysis of CVE-2025-59287 in Microsoft WSUS from our very own @mwulftange.bsky.social who loves converting n-days to 0-days code-white.com/blog/wsus-cv...
Did you encounter the Supabase? Might wanna try my newest tooling or have a read about quickwins? There you go:
blog.m1tz.com/posts/2025/1...
blog.m1tz.com/posts/2025/1...
A Hands-On Edition: Will Supabase Be the Next Firebase (At Least in Terms of Security)?
It all started with my good colleague @schniggie who’s got my attention with an X post earlier that year. Until then I rarely heared of Supabase, but let us start from the scratch.
Firebase changed th...
blog.m1tz.com
October 7, 2025 at 8:01 PM
Did you encounter the Supabase? Might wanna try my newest tooling or have a read about quickwins? There you go:
blog.m1tz.com/posts/2025/1...
blog.m1tz.com/posts/2025/1...
Reposted by m1tz
Tired of dull, standard interviews? Talk to Kurt. Also, a few of my colleagues and I will be attending BruCON next week. Feel free to come and talk to us.
CODE WHITE proudly presents #ULMageddon which is our newest applicants challenge at apply-if-you-can.com packaged as a metal festival. Have fun 🤘 and #applyIfYouCan
September 15, 2025 at 7:44 AM
Tired of dull, standard interviews? Talk to Kurt. Also, a few of my colleagues and I will be attending BruCON next week. Feel free to come and talk to us.
Reposted by m1tz
We've added a new demo to NewRemotingTricks that makes deploying a MarshalByRefObject (e.g., WebClient) even easier: System.Lazy creates an instance of T on serialization, which is probably more likely to be allowed than a XAML gadget getting through. github.com/codewhitesec...
GitHub - codewhitesec/NewRemotingTricks: New exploitation tricks for hardened .NET Remoting servers
New exploitation tricks for hardened .NET Remoting servers - codewhitesec/NewRemotingTricks
github.com
August 5, 2025 at 3:11 PM
We've added a new demo to NewRemotingTricks that makes deploying a MarshalByRefObject (e.g., WebClient) even easier: System.Lazy creates an instance of T on serialization, which is probably more likely to be allowed than a XAML gadget getting through. github.com/codewhitesec...
Stumbled upon your next Firebase target? You might want to take a closer look at this.
blog.m1tz.com/posts/2025/0...
blog.m1tz.com/posts/2025/0...
Hacking Firebase Projects: Enumeration and Common Misconfigurations
After encountering multiple Firebase-related security issues through professional assessments at work and bug bounty hunting, I felt it was important to bring more visibility to the security implicati...
blog.m1tz.com
July 18, 2025 at 9:30 PM
Stumbled upon your next Firebase target? You might want to take a closer look at this.
blog.m1tz.com/posts/2025/0...
blog.m1tz.com/posts/2025/0...
Reposted by m1tz
Yes, we're beating a dead horse. But that horse still runs in corporate networks - and quietly gives attackers the keys to the kingdom. We're publishing what’s long been exploitable. Time to talk about it. #DSM #Ivanti code-white.com/blog/ivanti-...
CODE WHITE | Analyzing the Attack Surface of Ivanti's DSM
Ivanti's Desktop & Server Management (DSM) product is an old acquaintance that we have encountered in numerous red team and
internal assessments. The main purpose of the product is the centralized dis...
code-white.com
May 13, 2025 at 6:45 AM
Yes, we're beating a dead horse. But that horse still runs in corporate networks - and quietly gives attackers the keys to the kingdom. We're publishing what’s long been exploitable. Time to talk about it. #DSM #Ivanti code-white.com/blog/ivanti-...
Reposted by m1tz
Reposted by m1tz
I do have quite a backlog of blog posts, so let's start with this one 😎
Here's a short write-up about CVE-2023-6542 a #security vulnerability affecting the SAP Emarsys SDK for Android allowing attackers to leak sensitive data from an app's private data directory and also load remote contents into an app overlay.
www.rcesecurity.com/2025/04/sap-...
www.rcesecurity.com/2025/04/sap-...
SAP Emarsys SDK for Android Sensitive Data Leak (CVE-2023-6542) | RCE Security
www.rcesecurity.com
April 10, 2025 at 2:54 PM
I do have quite a backlog of blog posts, so let's start with this one 😎
Reposted by m1tz
Our crew members @mwulftange.bsky.social & @frycos.bsky.social discovered & responsibly disclosed several new RCE gadgets that bypass #Veeam 's blacklist for CVE-2024-40711 & CVE-2025-23120 + further entry points after @sinsinology.bsky.social & @chudypb.bsky.social 's blog. Replace BinaryFormatter!
March 28, 2025 at 4:35 PM
Our crew members @mwulftange.bsky.social & @frycos.bsky.social discovered & responsibly disclosed several new RCE gadgets that bypass #Veeam 's blacklist for CVE-2024-40711 & CVE-2025-23120 + further entry points after @sinsinology.bsky.social & @chudypb.bsky.social 's blog. Replace BinaryFormatter!
Reposted by m1tz
Most of you know about Telerik or DevExpress but ever heard of Syncfusion as another big global player? I found some interesting vulnerabilities in it, fixed in version v27.1.55. Unfortunately, Syncfusion still tries to understand CVE assignments 😅
December 2, 2024 at 8:46 AM
Most of you know about Telerik or DevExpress but ever heard of Syncfusion as another big global player? I found some interesting vulnerabilities in it, fixed in version v27.1.55. Unfortunately, Syncfusion still tries to understand CVE assignments 😅
Another live hacking event with the #kaeferjaeger . This time with #Intigriti in Heidelberg and the awesome target #Allegro . Had a great time and found a couple of bugs. #lhe #bughunting #bugbounty
November 24, 2024 at 10:25 AM
Another live hacking event with the #kaeferjaeger . This time with #Intigriti in Heidelberg and the awesome target #Allegro . Had a great time and found a couple of bugs. #lhe #bughunting #bugbounty