Watchtowr company information, Employees & Contact Information

Well, Well, Well. It’s Another Day. (Oracle E-Business Suite Pre-Auth RCE Chain - CVE-2025-61882) watchTowr Labs

yIKEs (WatchGuard Fireware OS IKEv2 Out-of-Bounds Write CVE-2025-9242) watchTowr Labs

More Than DoS (Progress Telerik UI for ASP.NET AJAX Unsafe Reflection CVE-2025-3600) watchTowr Labs

It Is Bad (Exploitation of Fortra GoAnywhere MFT CVE-2025-10035) - Part 2 watchTowr Labs

Expression Payloads Meet Mayhem - Ivanti EPMM Unauth RCE Chain (CVE-2025-4427 and CVE-2025-4428) watchTowr Labs

Bypassing Authentication Like It’s The ‘90s - Pre-Auth RCE Chain(s) in Kentico Xperience CMS watchTowr Labs

SysOwned, Your Friendly Support Ticket - SysAid On-Premise Pre-Auth RCE Chain (CVE-2025-2775 And Friends) watchTowr Labs

Is This Bad? This Feels Bad. (Fortra GoAnywhere CVE-2025-10035) watchTowr Labs

Pre-Auth SQL Injection to RCE - Fortinet FortiWeb Fabric Connector (CVE-2025-25257) watchTowr Labs

How Much More Must We Bleed? - Citrix NetScaler Memory Disclosure (CitrixBleed 2 CVE-2025-5777) watchTowr Labs

It's Never Simple Until It Is (Dell UnityVSA Pre-Auth Command Injection CVE-2025-36604) watchTowr Labs

Should Security Solutions Be Secure? Maybe We're All Wrong - Fortinet FortiSIEM Pre-Auth Command Injection (CVE-2025-25256) watchTowr Labs

8 Million Requests Later, We Made The SolarWinds Supply Chain Attack Look Amateur watchTowr Labs

SonicBoom, From Stolen Tokens to Remote Shells - SonicWall SMA (CVE-2023-44221, CVE-2024-38475) watchTowr Labs

Stack Overflows, Heap Overflows, and Existential Dread (SonicWall SMA100 CVE-2025-40596, CVE-2025-40597 and CVE-2025-40598) watchTowr Labs

Is b For Backdoor? Pre-Auth RCE Chain In Sitecore Experience Platform watchTowr Labs

Guess Who Would Be Stupid Enough To Rob The Same Vault Twice? Pre-Auth RCE Chains in Commvault watchTowr Labs

Cache Me If You Can (Sitecore Experience Platform Cache Poisoning to RCE) watchTowr Labs

Fire In The Hole, We’re Breaching The Vault - Commvault Remote Code Execution (CVE-2025-34028) watchTowr Labs

By Executive Order, We Are Banning Blacklists - Domain-Level RCE in Veeam Backup & Replication (CVE-2025-23120) watchTowr Labs

Is The Sofistication In The Room With Us? - X-Forwarded-For and Ivanti Connect Secure (CVE-2025-22457) watchTowr Labs

Do Secure-By-Design Pledges Come With Stickers? - Ivanti Connect Secure RCE (CVE-2025-0282) watchTowr Labs

Exploitation Walkthrough and Techniques - Ivanti Connect Secure RCE (CVE-2025-0282) watchTowr Labs

The Best Security Is When We All Agree To Keep Everything Secret (Except The Secrets) - NAKIVO Backup & Replication (CVE-2024-48248) watchTowr Labs

Cleo Harmony, VLTrader, and LexiCom - RCE via Arbitrary File Write (CVE-2024-50623) watchTowr Labs

Get FortiRekt, I Am The Super_Admin Now - Fortinet FortiOS Authentication Bypass CVE-2024-55591 watchTowr Labs

XSS To RCE By Abusing Custom File Handlers - Kentico Xperience CMS (CVE-2025-2748) watchTowr Labs

Where There’s Smoke, There’s Fire - Mitel MiCollab CVE-2024-35286, CVE-2024-41713 And An 0day watchTowr Labs

Backdooring Your Backdoors - Another $20 Domain, More Governments watchTowr Labs

Pots and Pans, AKA an SSLVPN - Palo Alto PAN-OS CVE-2024-0012 and CVE-2024-9474 watchTowr Labs

Visionaries Have Democratised Remote Network Access - Citrix Virtual Apps and Desktops (CVE-2024-8068 and CVE-2024-8069) watchTowr Labs

Hop-Skip-FortiJump-FortiJump-Higher - Fortinet FortiManager CVE-2024-47575 watchTowr Labs

Palo Alto - Putting The Protecc In GlobalProtect (CVE-2024-3400) watchTowr Labs

Auth. Bypass In (Un)Limited Scenarios - Progress MOVEit Transfer (CVE-2024-5806) watchTowr Labs

Ivanti Connect Secure CVE-2024-22024 - Are We Now Part Of Ivanti? watchTowr Labs

Fortinet FortiGate CVE-2024-23113 - A Super Complex Vulnerability In A Super Secure Appliance In 2024 watchTowr Labs

Check Point - Wrong Check Point (CVE-2024-24919) watchTowr Labs

The Second Wednesday Of The First Month Of Every Quarter: Juniper 0day Revisited watchTowr Labs

No Way, PHP Strikes Again! (CVE-2024-4577) watchTowr Labs

CVE-2023-36844 And Friends: RCE In Juniper Devices watchTowr Labs

Veeam Backup & Response - RCE With Auth, But Mostly Without Auth (CVE-2024-40711) watchTowr Labs

We Spent $20 To Achieve RCE And Accidentally Became The Admins Of .MOBI watchTowr Labs

QNAP QTS - QNAPping At The Wheel (CVE-2024-27130 and friends) watchTowr Labs

IBM QRadar - When The Attacker Controls Your Security Stack (CVE-2022-26377) watchTowr Labs

Welcome To 2024, The SSLVPN Chaos Continues - Ivanti CVE-2023-46805 & CVE-2024-21887 watchTowr Labs

Xortigate, or CVE-2023-27997 - The Rumoured RCE That Was watchTowr Labs

Fortinet and The Accidental Bug watchTowr Labs

Log4Shell Is Dead! Long Live Log4Shell! watchTowr Labs

Yet More Unauth Remote Command Execution Vulns in Firewalls - Sangfor Edition watchTowr Labs

We're Out Of Titles For VPN Vulns - It's Not Funny Anymore (Fortinet CVE-2022-42475) watchTowr Labs

Text4Shell++ - Where There’s Smoke, There’s Fire watchTowr Labs

“To live is to fight, to fight is to live! - IBM ODM Remote Code Execution watchTowr Labs

Ghost In The Wire, Sonic In The Wall - Adventures With SonicWall watchTowr Labs

XXE, You Can Depend On Me (OpenCMS CVE-2023-42344 and Friends) watchTowr Labs

GitLab Arbitrary File Read (CVE-2023-2825) Analysis watchTowr Labs

watchTowr Appoints Elvina Liow to Vice President, APAC citybiz

Adobe Commerce (Magento) CVE-2022-24086 : Return Of The Text Interpolation watchTowr Labs

Form Tools Remote Code Execution: We Need To Talk About PHP watchTowr Labs