Octagon Networks

@fofabot @zoomeye_team en.fofa.info/result?qbase64… Over 70k servers

🎄🎁 Here is a 0day unauthenticated root RCE affecting over 70,000 devices on the internet. pwn.ai/blog/cve-2025-… For our first post, we show how pwnai autonomously found a root rce affecting XSpeeder, over 8 months ago. To our knowledge, this is the first agent-found, remotely exploitable 0day RCE published. Merry Christmas & Happy New Year 🎅💥

Looks like nation-state actors are utilizing fully autonomous hacking engines. Wild to see them finally doing what we’ve already built, tested, and pushed way further at @pwn_ai. The future of hacking is autonomous!

What we are building is insane. If vendors patched quicker, we would've showed you already. The sort of vulnerabilities pwn.ai is finding is on par with the top security researchers. preauth RCE after preauth RCE fully autonomously. Will drop a blog post soon.

With little help with @pwndotai , which is an agentic hacking ecosystem we are building, we are able to get 1-click RCE in Cluely (@cluely). The exploit takes time to setup but it's straight forward and can be reached via many techniques, and an indirect prompt injection. The full technical report is sent to Cluely team and we expect them to address it in a timely manner. In the meantime go follow @Pwndotai for upcoming announcements and advisories using our agentic tools

For the last year and a half we have been secretly working on multiple products that will shake and transform cyber security as we know it. From vulnerability detection, source code audit and penetration testing, to bug bounty and offensive security research. Stay tuned! 🤫

Here's a little tip to escalate Client Side Path Traversal (in <script src>) to XSS in wordpress sites; It is possible to use the /wp-json/?_jsonp=<payload> rest-api path to execute arbitrary js functions. Read more at octagon.net/blog/2022/05/2… Credits: @OctagonNetworks

This CSP bypass technique utilizing SOME attack went under the radar but allowed for a novel way to defeat CSP with only A-z,. characters & windows. Another interesting fact of the specific issue is, WordPress remains vulnerable to this day and affects all WordPress sites (49% of the internet) The technique was nominated for Top Web Hacks for 2022 by @PortSwigger. You can read how it works on our blog: octagon.net/blog/2022/05/2…

Researchers have uncovered several serious vulnerabilities in Juniper Networks devices, some of which could be exploited for code execution. Read: thehackernews.com/2022/10/high-s… #infosec #cybersecurity #hacking

🔥✍️New post: CVE-2022-22241 preauth RCE and multiple high severity vulnerabilities affecting all Juniper networking devices including Juniper SSLVPN. octagon.net/blog/2022/10/2… #networking #hacking

Tag is out for CVE-2022-22241, a pre-authentication Phar deserialization vulnerability in Juniper JunOS, discovered by @PaulosYibelo and @OctagonNetworks. At this time, @GreyNoiseIO sensors have not observed exploitation in the wild. Track using Trends: viz.greynoise.io/tag/junos-os-p…

JUST IN: Octagon Networks becomes first cybersecurity company to convert entire balance sheet to #bitcoin 👏

Today, Octagon Networks becomes the first cybersecurity company to convert it's entire balance sheet into #Bitcoin. We will also start accepting payments in Bitcoin, and offering a discount to encourage the use of Bitcoin. Read More: octagon.net/press/2022/06/…

In the comments, nobody is really explaining the root cause. The json_decode allows an attacker to control a type other than string or array. So they can supply a value that’s decoded to a boolean and when juggled with a string, equates to true: 3v4l.org/a1PLP /1

🔥⛓️ CVE-2022-24990: TerraMaster TOS unauthenticated remote command execution via PHP Object Instantiation, new blog post: octagon.net/blog/2022/03/0… #bugbounty #bugbountytips #rce

Researchers disclose two critical vulnerabilities in Control Web Panel—previously known as #CentOS Web—that could be exploited as part of an exploit chain to achieve pre-authenticated RCE on affected #Linux servers. thehackernews.com/2022/01/critic… #infosec #cybersecurity

🚨 Octagon Networks has reproduced an unpatched SharePoint zero-day (CVE-2025-53770) now under active attack. Exploits leak MachineKey secrets, letting attackers hijack __VIEWSTATE for persistent code execution. If your SharePoint is exposed online, assume it’s compromised, take it offline and begin forensic analysis while awaiting a patch.