Infiltrating Corporate Intranet Like NSA - Pre-auth RCE On Leading SSL VPNs

mKGq8z17Kd4/default.jpg

By Orange Tsai & Meh Chang

We disclose practical attacks capable of compromising millions of targets, including tech giants and many industry leaders. These techniques and methodologies are published in the hope that it can inspire more security researchers to think out-of-the-box; enterprises can apply immediate mitigation, and realize that SSL VPN is not merely Virtual Private Network, but also a "Vulnerable Point of your Network".

Full Abstract & Presentation Slides: https://www.blackhat.com/us-19/briefi...

mKGq8z17Kd4/default.jpg
Infiltrating Corporate Intranet Like NSA - Pre-auth RCE On Leading SSL VPNs Infiltrating Corporate Intranet Like NSA - Pre-auth RCE On Leading SSL VPNs Reviewed by Unknown on September 23, 2019 Rating: 5