0+

VAPTs

Expertise in Enterprise Level Security Assessments. *(2024 stats)


0+

Security Issues

We've found security vulnerabilties which have high impact on infrastructrue. *(2024 stats)


0+

Apps & Publications

Actively engaged in innovative security research and other development projects.

zyenra > whoami

At zyenra, we bring a fresh perspective to cybersecurity. Specializing in research, vulnerability assessment, and penetration testing (vapt)s, we are dedicated to enhancing enterprise security through excellence and effective integration into your projects. we empower organizations to navigate the complexities of the digital landscape. our goal is to ensure that security measures are seamlessly integrated, allowing you to focus on growth and innovation. we prioritize building lasting partnerships with our clients, focusing on their unique needs. With a blend of technical expertise and industry best practices, we deliver solutions that not only secure but also align with your business objectives.

highlights

Recent

Highlights of Recent developments and Published Work.

Publications

Recent Activities
CVE-2024-42640 - Unauthenticated RCE via Angular-Base64-Upload

angular-base64-upload versions prior to v0.1.21 are vulnerable to unauthenticated remote code execution via the angular-base64-upload/demo/server.php endpoint. Exploiting this vulnerability allows an attacker to upload arbitrary file content to the server, which can subsequently be accessed through the angular-base64-upload/demo/uploads endpoint. This lead to the execution of previously uploaded content and ultimately enable the attacker to achieve code execution on the server

CVE-2024-57514 - XSS in TP-Link A20 v3 Router

The TP-Link Archer A20 v3 Router is vulnerable to Cross-site Scripting (XSS) due to improper handling of directory listing paths in the web interface. When a specially crafted URL is visited, the router's web page renders the directory listing and executes arbitrary JavaScript embedded in the URL.