Back to directory
WRITEUP #73

How 1 Exposed Honeywell API Gave us Control Over an Internal Engineering System

ReconMissing authenticationInformation disclosureBroken authorizationAccount takeover
by@XeEaton(Eaton Z.)
Program
Honeywell
Published
Aug 19, 2024
Added to HackDex
Aug 26, 2024
Read Full Writeuphttps://www.traceable.ai/blog-post/how-1-exposed-honeywell-api-gave-us-control-over-an-internal-engineering-system
RELATED WRITEUPS
How I Got Critical P2 Bug on Google VRP
ReconMissing authentication
ElasticSearch Smash & Grab
ReconElasticsearch
P3 (Medium) : How I Gain Access To NASA's Internal Workspace?!
ReconInformation disclosure
How I Got Bugs From Google Dorks
ReconInformation disclosure
How I can easily get four P1 at NASA using Simple Google Dorking.
ReconInformation disclosure

Built with ❤️ by Shubham Rawat