hacefresko

>_ _ x

_ __ _ ___ | | / _| | | / _ \ | |__ __ _ ___ ___| |_ _ __ ___ ___| | _| | | | | '_ \ / _` |/ __/ _ \ _| '__/ _ \/ __| |/ / | | | | | | | (_| | (_| __/ | | | | __/\__ \ <| |_| | |_| |_|\__,_|\___\___|_| |_| \___||___/_|\_\\___/ root@hacefresko:~$ ./blog.sh

[ info ] A personal blog to share my journey into bug hunting and vuln research. [ posts ] [2024-04-06] Accessing +700,000 users data and reading files on a Solr endpoint ........ web, bugbounties [2022-02-11] Finding an RCE in the TP-Link tapo c200 camera ................................... iot, 0day [2021-10-26] Exploiting an SSTI in LiquidJS to read any file in the server ............. web, bugbounties [ CVEs ] [CVE-2024-2188] TP-Link archer ax50 stored XSS via UPnP ............................. [advisory][exploit] [CVE-2021-4045] TP-Link tapo c200 unauthentiacted RCE ............................... [advisory][exploit] [ social ] $ email $ twitter $ bluesky $ github $ hackerone $ bugcrowd