A deep dive into CVE-2021-21735 on the ZTE ZXHN H168N home gateway, where two unauthenticated wizard endpoints (wizard_pppoe_lua.lua and wizard_wlan_config_lua.lua) leaked PPPoE identifiers, SSID data, and Wi-Fi passphrases — converting a “low-severity” information disclosure into a full administrative and WLAN takeover path. Includes the root-cause analysis, request/response patterns, the disclosure timeline, and the ZTE vs. NVD severity split.
OpenTrafficMap’s €20 ESP32-C5 Board Turns 802.11p V2X Into a Public Map of Traffic Lights and Buses
CNX Software write-up on the OpenTrafficMap project — a €20 open-source ESP32-C5 receiver board that taps the 5.9 GHz 802.11p ITS-G5 V2X stack used by European traffic lights, buses, trams, trucks and connected vehicles, decodes CAM/DENM/SPATEM/MAPEM messages, and publishes them to a public map via NATS. Twenty units already deployed; group-buy of 450 boards shipping. Includes the original board photos, the deployment shot with a Mikrotik 4G uplink, the pole-mount enclosure, and the Graz Linux Days 2026 talk video.
V2X2MAP: A $10 ESP32-C5 Board Plus an Android App Turns Live 802.11p V2X Traffic Into a Map
An English rewrite of Jean-Luc Aufranc’s May 25, 2026 CNX Software piece on V2X2MAP — an MIT-licensed Android app by Peter Holzhauser (Pit711) that pairs with a cheap Waveshare ESP32-C5 dual-band Wi-Fi board to receive the European ITS-G5 / 802.11p V2X stack and plot CAM, DENM, SPATEM and MAPEM messages on a live map. Includes the legal disclaimer carried inside the app and a defenders’ view of the privacy and detection implications.
IoT Hacking: Abusing Printers to Compromise Active Directory
Printers are not harmless office boxes. Misconfigured LDAP, SMTP, SMB or SNMP can leak domain creds, enabling AD enumeration, relay attacks and lateral movement. Treat printers like real network assets.
Now You See mi: Hacking the Xiaomi C400 Camera
Researchers exploited weaknesses in Xiaomi’s miIO protocol to bypass authentication, predict cryptographic values, and trigger memory corruption, ultimately achieving remote code execution and a cloud-independent jailbreak on a Xiaomi C400 camera.
TP-Link Tapo C200: Hardcoded Keys, Buffer Overflows and Privacy in the Era of AI Assisted Reverse Engineering
The article shows how AI-assisted reverse engineering of the TP-Link Tapo C200 firmware uncovered hardcoded keys, buffer overflows, and insecure APIs, demonstrating how IoT devices can expose users to remote compromise and privacy risks.
Reverse Engineering the Tapo C260 and Tapo Discovery Protocol v2
The research reverse-engineers the TP-Link Tapo C260 camera firmware and analyzes Tapo Discovery Protocol v2. By dumping and decrypting the filesystem, the author reconstructs protocol logic and maps the device’s network attack surface.
Hacking a Bluetooth Printer Server: GATT to UART Adapter?
Reverse engineering a Bluetooth printer server reveals multiple security flaws, including exposed debug interfaces and insecure GATT services, enabling unauthenticated remote code execution with root privileges via Bluetooth or network access.
Blinkenlights 2.0: Reverse Engineering a Smartwatch via Screen Signals
Reverse engineering a cheap smartwatch and reviving the classic “blinkenlights” attack to extract firmware through screen update patterns, revealing weaknesses in OTA update mechanisms, BLE communication, and embedded device security design.
Taming the dragon: reverse engineering firmware with Ghidra
The article explains how to reverse engineer embedded firmware using Ghidra, covering techniques for loading firmware, identifying CPU architectures, analyzing functions, and using scripts/plugins to understand device logic and discover vulnerabilities.