- Hacking into a Toyota/Eicher Motors insurance company by exploiting their premium calculator website
  A vulnerable API on Toyota Tsusho Insurance Broker India’s premium calculator website exposed Microsoft corporate cloud credentials.
  Eaton
- CVE-2023-6483: Improper/missing API authentication in ADiTaaS v5.1
  The story of CVE-2023-6483, my first CVE and biggest security disclosure yet.
  Eaton
- Tapping into a telecommunications company’s office cameras
  API flaw enabled livestreaming of a telecommunications company’s office cameras.
  Eaton
- Compromising Honda’s power equipment / marine / lawn & garden dealer eCommerce platform through a vulnerable password reset API
  A vulnerable password reset API made it possible to take over any account and gain admin-level access to the platform. In addition, broken/missing access controls made it possible to access all data on the platform.
  Eaton
- Insecure Toyota CRM exposed Mexican customer information
  Breaking into a Toyota CRM and exploiting it to view customer information.
  Eaton