Vulnerabilities on AdRem NetCrunch platform

Thierry Viaccoz, Sylvain Heiniger and Fabio Poloni identified several vulnerabilities in the AdRem NetCrunch monitoring solution.

Details to these advisories:

CSNC-2019-011 / Server-Side Request Forgery (SSRF)

CSNC-2019-012 / Improper Credential Storage

CSNC-2019-013 / Cross-Site Scripting (XSS)

CSNC-2019-014 / Remote Code Execution

CSNC-2019-015 / Improper Session Handling

CSNC-2019-016 / Cross-Site Request Forgery (CSRF)

CSNC-2019-017 / Hardcoded SSL Private Key

CSNC-2019-018 / Credentials Disclosure

Retour

Blog

20.01.2026

Over the course of 2025, we performed several hundred security assessments for our clients. In each of these, security analysts must understand a new…

Calendar

14.03.2026

On Saturday, 14 March, Switzerland’s next generation of IT professionals will gather at the VIS Contact Party, the largest academic IT recruiting fair…

News

28.01.2026

Swiss broadcaster SRF is dedicating a full week to the theme "Fact or Fake?". In the show "Kassensturz", we had the chance to assist with an…