Vulnerabilities on AdRem NetCrunch platform

Thierry Viaccoz, Sylvain Heiniger and Fabio Poloni identified several vulnerabilities in the AdRem NetCrunch monitoring solution.

Details to these advisories:

CSNC-2019-011 / Server-Side Request Forgery (SSRF)

CSNC-2019-012 / Improper Credential Storage

CSNC-2019-013 / Cross-Site Scripting (XSS)

CSNC-2019-014 / Remote Code Execution

CSNC-2019-015 / Improper Session Handling

CSNC-2019-016 / Cross-Site Request Forgery (CSRF)

CSNC-2019-017 / Hardcoded SSL Private Key

CSNC-2019-018 / Credentials Disclosure

Back

Blog

20.01.2026

Over the course of 2025, we performed several hundred security assessments for our clients. In each of these, security analysts must understand a new…

Calendar

14.03.2026

On Saturday, 14 March, Switzerland’s next generation of IT professionals will gather at the VIS Contact Party, the largest academic IT recruiting fair…

News

17.12.2025

How can SMEs reduce cyber risks effectively without embarking on complex projects? In 'LEADER digital', Cyrill Brunschwiler shares practical…