
🎉 We recently published 2 CVEs


CVE-2021-35956
Stored cross-site scripting (XSS) in the embedded webserver of AKCP sensorProbe before SP480-20210624 enables remote authenticated attackers to introduce arbitrary JavaScript via the Sensor Description, Email (from/to/cc), System Name, and System Location fields.


CVE-2021-3441
Stored cross-site scripting (XSS) in the embedded webserver of certain HP OfficeJet Printers—including the 4630 e-All-in-One Printer and 7110 Wide Format ePrinter—enables remote unauthenticated attackers to introduce arbitrary JavaScript via the printer name and printer location fields.

Obsrva Vulnerability Research Library

The research library is a repository of IoT and embedded devices available to be loaned for independent security research. Check out the catalog below and request a device to collaborate on our research.

Request Form

If you’re interested in using one of the devices in the library for research, please fill out the interest form below. Someone from Obsrva will contact you within 3-5 business days.

Environmental Monitors

AKCP

AKCP SensorProbe2 detector Sensor SP2

Vendor Description: The SP2 is an SNMP enabled and Web-Based Environmental Monitoring Device.

Printers

HP Inc

HP Officejet 4630 e-All-in-One Printer series

Vendor Description: The HP Officejet 4630 is a mid-range network-enabled printer featuring an embedded webserver for print, scan, and maintenance activities.

Video Encoders

Teradek

Teradek Cube 305 Encoder

Vendor Description: The Cube 555 is a camera-top wireless SD video encoder that works with composite cameras. The device streams via dual-band MIMO WiFi, Ethernet, or a single 3G/4G USB modem.

Avigilon

Avigilon 4-Port H.264 Analog Video Encoder

Vendor Description: Converts a standard analog video feed into a digital stream, enabling digital images to be sent over an IP network. You can then view live images on your IP network using video management software and add IP-based cameras as your budget allows.
