7 min read
Access Control Facades and Hardcoded Secrets: A Sage 300 Case Study (Part 3)
This is a continuation of the Sage 300 case study series where we explore the process of discovering and developing exploits for six (6) different...
sage 300
28 min read
Access Control Facades and Hardcoded Secrets: A Sage 300 Case Study (Part 2)
This is a continuation of the Sage 300 case study series where we explore the process of discovering and developing exploits for six (6) different...
19 min read
Access Control Facades and Hardcoded Secrets: A Sage 300 Case Study (Part 1)
Software solutions have had to evolve rapidly to keep pace with cybersecurity threats. Today, nearly every significant software solution is loaded...
3 min read
Critical Vulnerability Disclosure: Sage 300
In 2022 Konrad Haase, a member of the Control Gap Offensive Security team, discovered a series of vulnerabilities in Sage 300, a well-established...
22 min read
Installer Misconfigurations and Weak Folder Permissions: A Sage 300 Case Study
In modern cyberattacks, threat actors will often begin their attacks against enterprises by obtaining low-privileged access to a single system in the...