Craig Young

Craig Young is a computer security researcher with Tripwire’s Vulnerability and Exposures Research Team (VERT). He has identified and responsibly disclosed dozens of vulnerabilities in products from Google, Amazon, IBM, NETGEAR, Adobe, HP, Apple, and others. His research has resulted in numerous CVE assignments and repeated recognition in the Google Application Security Hall of Fame. Craig’s presentations on Google authentication weaknesses have led to considerable security improvements for all Google users. Craig won in track 0 and track 1 of the first-ever SOHOpelessly Broken contest at DEF CON 22 by demonstrating 10 0-day flaws in SOHO wireless routers. His research into iOS WiFi problems more recently exposed CVE-2015-3728, which could allow devices to inadvertently connect to malicious hot spots. Craig has also successfully employed fuzzing techniques to find flaws in a variety of open-source software, including a memory corruption in MatrixSSL that could be used to achieve code execution on at least 100,000 Internet gateways. More recently, Craig has turned his attention to flaws in TLS/HTTPS implementations.

CVEs Disclosed by Craig Young

10/12 CVE-2020-5135

A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially...

02/11 CVE-2014-6447

Multiple vulnerabilities exist in Juniper Junos J-Web error handling that may lead to cross-site scripting (XSS) issues...

7.1 HIGH

02/06 CVE-2013-3568

Cross-site request forgery (CSRF) vulnerability in Cisco Linksys WRT110 allows remote attackers to hijack the...

8.8 HIGH

02/06 CVE-2012-6297

Command Injection vulnerability exists via a CSRF in DD-WRT 24-sp2 from specially crafted configuration values...

8.8 HIGH

12/27 CVE-2013-4796

ReviewBoard 1.6.17 allows code execution by attaching PHP scripts to review request

8.8 HIGH

12/04 CVE-2013-2745

An SQL Injection vulnerability exists in MiniDLNA prior to 1.1.0

11/21 CVE-2013-3314

The Loftek Nexus 543 IP Camera allows remote attackers to obtain (1) IP addresses via a request to get_realip.cgi or (2)...

7.5 HIGH

11/21 CVE-2013-3311

Directory traversal vulnerability in the Loftek Nexus 543 IP Camera allows remote attackers to read arbitrary files via...

7.5 HIGH

11/21 CVE-2013-3313

The Loftek Nexus 543 IP Camera stores passwords in cleartext, which allows remote attackers to obtain sensitive...

7.5 HIGH

11/21 CVE-2013-3312

Multiple cross-site request forgery (CSRF) vulnerabilities in the Loftek Nexus 543 IP Camera allow remote attackers to...

8.8 HIGH
