PwnFuzz Labs

PwnFuzz LabsCutting-edge research, technical writeups, and exploit development from the PwnFuzz team.https://pwnfuzz.github.io/The Cryptographic Blind Spot: Sante PACS Server's Decryption Overflow Unveiledhttps://pwnfuzz.github.io/posts/sante-pacs-cve-2025-2263-buffer-overflow/https://pwnfuzz.github.io/posts/sante-pacs-cve-2025-2263-buffer-overflow/This article contains a full breakdown of a stack-based buffer overflow vulnerability found in Sante PACS Server version before 4.2.0 (Credits: Tenable Research). The whole application is built on top of the C, meaning we will deal with full reverse engineering, IDA pseudocode, disassemblers and debugger shenanigans.Mon, 21 Jul 2025 00:00:00 GMTD4mianWayneCVE 2025-2825 - CrushFTP Authentication Bypass Analysishttps://pwnfuzz.github.io/posts/crushftp-cve-2025-2825/https://pwnfuzz.github.io/posts/crushftp-cve-2025-2825/Comprehensive analysis of CVE-2025-2825, a critical authentication bypass vulnerability in CrushFTP. Technical deep dive into the root cause of the vulnerability, patch analysis and exploitation process.Sun, 30 Mar 2025 00:00:00 GMTD4mianWayneCVE 2024-37397 - Ivanti Endpoint Manager XXE Vulnerabilityhttps://pwnfuzz.github.io/posts/ivanti-endpoint-manager-xxe-cve-2024-37397/https://pwnfuzz.github.io/posts/ivanti-endpoint-manager-xxe-cve-2024-37397/This blog provides an in-depth analysis of the exploitation process for an unauthenticated External XML Entity (XXE) vulnerability in Ivanti Endpoint Manager, identified as CVE-2024-37397.Sun, 24 Nov 2024 00:00:00 GMTD4mianWayneExploring Recent CVEs in HPE Insight Remote Supporthttps://pwnfuzz.github.io/posts/hpe-irs-cve-deep-dive/https://pwnfuzz.github.io/posts/hpe-irs-cve-deep-dive/In this post, we’ll delve into two vulnerabilities recently discovered in the HPE Insight Remote Support (IRS) application, versions prior to v7.14.0.629. These vulnerabilities—CVE-2024-53675 (unauthenticated XXE vulnerability) and CVE-2024-53676 (Remote Code Execution, or RCE vulnerability)—pose significant security risks, allowing unauthorized access and arbitrary code execution on vulnerable systems.Wed, 08 Jan 2025 00:00:00 GMTD4mianWayneCVE 2024-4040 - CrushFTP Server-Side Template Injection Vulnerability Analysishttps://pwnfuzz.github.io/posts/crushftp-cve-2024-4040/https://pwnfuzz.github.io/posts/crushftp-cve-2024-4040/This blog post contains a thorough analysis of Server Side Template Injection vulnerability in a commercial Managed File Transfer product named CrushFTP. Exploit script is available.Thu, 09 May 2024 00:00:00 GMTD4mianWayne