iam.chi

Chi Tran

Hey! I am Chi Tran | Father of 2 | Security Engineer | I love cooking and making spicy noodles. | Disclaimer: The opinions expressed here and all the research are my own and do not represent those of current or past employers.

Research 15
CTF 2

Research

CVE-2024-45719: Predictable Authorization Token Vulnerability in Apache Answer

4 minute read

Overview

CVE-2024-46911: Uncovering CSRF vulnerabilities in Apache Roller

7 minute read

Overview

How I nabbed a new CVE from a Cookie-Munching, Scam-Slinging Browser Extension

6 minute read

Friday night @ 9PM….

[Pwn2Own 2022] CVE-2023-0855: Canon imageClass MF743CDW IPP BOF

1 minute read

Overview

Pwning the Samsung TV

3 minute read

Overview

Pwning the Facebook Portal

4 minute read

Overview

How I faked tons of COVID passes — Weak Key Cryptography in real world

4 minute read

Vulnerability Summary

[ZDI-21-977] D-Link DAP-2020 webproc Stack-based BOF RCE

2 minute read

Overview

[CVE-2020-8962] D-LINK DIR-842 Stack-based Buffer-overflow

1 minute read

Overview

[CVE-2020-7237] Remote Code Execution in Cacti RRDTool

1 minute read

Overview

Arbitrary Command Execution in latest OrangeHRM platform

2 minute read

Overview

CVE-2019-12347: Stored Cross-site Scripting on pfSense 2.4.4-RELEASE-p3

1 minute read

Overview

CVE-2019-[12584-12585] : Command Injection Vulnerability on pfSense 2.4.4-RELEASE-p3

1 minute read

Overview

CVE-2019-10016: GForge Advanced Server Input validation error in ‘commonsearch.php’

1 minute read

Overview

CVE-2019-10017: CMS Made Simple 2.2.10 XSS via File Picker Extension

1 minute read

Overview

CTF

[Google CTF 2019] Web Challenge - gphotos

less than 1 minute read

[Google CTF 2019] Web Challenge - bnv

less than 1 minute read