Vulnerabilities on AdRem NetCrunch platform

Thierry Viaccoz, Sylvain Heiniger and Fabio Poloni identified several vulnerabilities in the AdRem NetCrunch monitoring solution.

Details to these advisories:

CSNC-2019-011 / Server-Side Request Forgery (SSRF)

CSNC-2019-012 / Improper Credential Storage

CSNC-2019-013 / Cross-Site Scripting (XSS)

CSNC-2019-014 / Remote Code Execution

CSNC-2019-015 / Improper Session Handling

CSNC-2019-016 / Cross-Site Request Forgery (CSRF)

CSNC-2019-017 / Hardcoded SSL Private Key

CSNC-2019-018 / Credentials Disclosure

Back

Blog

08.07.2025

In 2024 we looked at the possibility of leveraging open weights LLMs for source code analysis. The answer was clearly negative, as a small code base…

Calendar

02.09.2025

SINDEX is the leading Swiss exhibition for industrial automation. The industry meeting place presents the trends, innovations and key technologies of…

News

08.07.2025

In this interview with CyberCompare, our managing director Jan-Tilo Kirchhoff talks about his professional career, Compass Security's focus, and how…