Skip to main content
Compass SecurityCompass Security
Search
  • DE
  • FR
  • Current
    • News
    • Blog
    • Agenda
    • Advisories
  • Services
    • Penetration Tests
    • Security Review
    • Red Teaming
    • Bug Bounty Managed Service
    • Managed Detection and Response
    • Digital Forensics and Incident Response
  • Products
    • FileBox
    • Hacking-Lab
  • Trainings
    • Digital Forensics and Incident Response (DFIR)
    • Internal Network and System Security
    • Internet of Things Security
    • Open Source Intelligence (OSINT)
    • Secure Mobile Apps
    • Security Boot Camp
    • Social Engineering
    • Web Application Security Advanced
    • Web Application Security Basic
  • Research
    • Advisories
    • White Paper
    • Presentations
    • Studies
  • Company
    • About us
    • Our Understanding
    • Locations
    • Mailing list TIGER-INFO
    • Jobs
  • Contact
    • Free Initial Discussion
    • Sample Report
  • Emergency?
  • DE
  • FR
Search

You are here:

  1. Compass Security
  2. News
  3. Detail

Vulnerabilities on AdRem NetCrunch platform

12/09/2020

Thierry Viaccoz, Sylvain Heiniger and Fabio Poloni identified several vulnerabilities in the AdRem NetCrunch monitoring solution.

 

Details to these advisories:

CSNC-2019-011 / Server-Side Request Forgery (SSRF)

CSNC-2019-012 / Improper Credential Storage

CSNC-2019-013 / Cross-Site Scripting (XSS)

CSNC-2019-014 / Remote Code Execution

CSNC-2019-015 / Improper Session Handling

CSNC-2019-016 / Cross-Site Request Forgery (CSRF)

CSNC-2019-017 / Hardcoded SSL Private Key

CSNC-2019-018 / Credentials Disclosure

 

Back

Blog

Pwn2Own Ireland 2024 – Ubiquiti AI Bullet

26.06.2025

Introduction As you may know, Compass Security participated in the 2023 edition of the Pwn2Own contest in Toronto and was able to successfully…

Read more

Calendar

SINDEX - Switzerland's leading trade fair for industrial automation

02.09.2025

SINDEX is the leading Swiss exhibition for industrial automation. The industry meeting place presents the trends, innovations and key technologies of…

Read more

News

Our company is certified under ISO/IEC 27001:2022.

28.05.2025

Last week, we officially received the ISO/IEC 27001:2022 certificate, which was a great moment for our entire team.

Read more
  • Imprint
  • Legal
  • Sitemap
  • Deutsch
  • Français
  • Twitter
  • GitHub
  • LinkedIn
  • RSS