edit_note

Blog

Security research, internet scanning insights, vulnerability analysis, and product updates from the Zondex team.

grid_viewAll science Research school Tutorials gpp_maybe Threat Intelligence new_releases Product Updates

Threat Intelligence May 17, 2026

Gunicorn 20.0.4 Vulnerability: What You Need to Know

The Gunicorn 20.0.4 vulnerability refers primarily to CVE-2020-14343 (Denial of Service) and CVE-2020-14344 (Request Smuggling), critical flaws allowing attackers to disrupt service or bypass security controls by exploiting improper handling of chunked HTTP requests, necessitating immediate upgrades

personZondex Research Team

Read arrow_forward

Python Vulnerability Web Server

Threat Intelligence May 09, 2026

CVE-2018-2380: SAP CRM Vulnerability Deep Dive

CVE-2018-2380 exposes SAP CRM systems to critical XML External Entity (XXE) vulnerabilities, allowing attackers to read arbitrary files, trigger server-side requests, or potentially execute code. This flaw can lead to severe data breaches and system compromise if left unpatched, emphasizing the need

personZondex Research Team

Read arrow_forward

Cve Sap Vulnerability

Threat Intelligence Apr 30, 2026

CVE-2021-33045: Dahua Camera Authentication Bypass Analysis

CVE-2021-33045 details a critical authentication bypass vulnerability in numerous Dahua Technology network cameras and video recorders, allowing unauthenticated attackers to gain administrative control via a specially crafted HTTP request. This flaw poses a significant risk for unauthorized access a

personZondex Research Team

Read arrow_forward

Cameras Cve Vulnerability

Threat Intelligence Apr 09, 2026

Jetty 10.0.20 Exploit: Vulnerability Analysis and Detection

The Jetty 10.0.20 version, like other 10.x releases, is susceptible to critical HTTP/2 vulnerabilities such as Rapid Reset (CVE-2023-44487) and Request Smuggling (CVE-2023-36478), leading to denial-of-service and potential security bypasses. Zondex can pinpoint exposed instances for immediate remedi

personZondex Research Team

Read arrow_forward

Java Vulnerability Web Server

Threat Intelligence Apr 01, 2026

OpenSSH 8.2p1 Vulnerabilities: Complete CVE Analysis and Mitigation

OpenSSH 8.2p1 contains critical vulnerabilities, primarily CVE-2020-14145 (double-free) and CVE-2020-14155 (integer overflow), exposing systems to potential denial-of-service and information disclosure. Immediate upgrade to OpenSSH 8.4p1 or newer is imperative to address these significant security r

personZondex Research Team

Read arrow_forward

Cve Ssh Vulnerability

Threat Intelligence Mar 13, 2026

Unmasking Mirai: A Deep Dive into Command & Control Server Tracking with Zondex

Explore the sophisticated world of Mirai botnet Command & Control server infrastructure. This deep dive leveraging Zondex's internet scanning capabilities provides cybersecurity professionals with practical methods for threat intelligence, attack surface management, and exposure monitoring.

personZondex Research Team

Read arrow_forward

C2 Malware Threat Intelligence

Threat Intelligence Mar 04, 2026

Tracking Log4Shell (CVE-2021-44228): How Many Servers Are Still Vulnerable?

Over two years after the Log4Shell disclosure, we examine how many internet-facing servers remain vulnerable to CVE-2021-44228 and analyze remediation progress by country and industry.

persontestuser

Read arrow_forward

Infrastructure Statistics Vulnerability

explore

Explore the Internet

Search devices, services, and vulnerabilities across 80M+ indexed hosts with Zondex.

searchStart Searching