Genmitsu Sainsmart 3018 PROver CNC debugging

I recently purchased a Genmitsu Sainsmart 3018 PROver CNC machine, with a GRBL v1.1 control board. I’ve spent more time then I’d care to admit on simple, silly things. So I’ll be documenting them here for my posterity. Hopefully this can help you on your CNC journey. [Read More]

Privilege Escalation Exploits in Cobbler's API

TL;DR: There are several privilege escalation vulnerabilities in Cobbler’s XMLRPC API. There are also many endpoints that are not validating the auth tokens passed to them. As a result, the API is effectively unauthenticated. Consider using a firewall to restrict access to the /cobbler_api endpoint. [Read More]