This is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is.
Post
Synacktiv
synacktiv.com
did:plc:f66ty74va5ti7faiq5ezuncy
At #Pwn2Own2025, our experts Tek & @anyfun.bsky.social remotely compromised a Synology Beestation Plus via a pre-auth exploit, leading to full system takeover.
The vuln is now tracked as CVE-2025-12686 🔍
🔗 Full write-up: https://www.synacktiv.com/en/publications/breaking-the-beestation-inside-our-pwn2own-2025-exploit-journey
2025-11-27T15:00:01.429Z