From WAN to LAN
Interesting article from another bunch of pro's
Quote
Almost anyone connecting to the internet from a small office / home office (SOHO) network does so from a similar network layout. The most essential device to bridge between the local network to the internet is the router. Routers not only help with routing network traffic but also act as a safeguard dividing the internal local area network (LAN) and the external internet, the wide-area network (WAN), preventing unwanted external access to internal devices. Therefore, exploiting routers from the WAN and bypassing network address translation (NAT) is dangerous and poses a significant risk to the local network.
Unquote
Reference is here
Pwn2Own: WAN-to-LAN Exploit Showcase, Part 1
Claroty Team82 demonstrates how it exploited vulnerabilities in TP-Link ER605 routers on the WAN in order to pivot onto the local network (LAN) and exploit an IoT device, in this case, a Synology BC500 security camera.
Sharon Brizinov,
Part two is here
Pwn2Own: Pivoting from WAN to LAN to Attack a Synology BC500 IP Camera, Part 2
Team82 demonstrates an attack exploiting a remote code execution vulnerability in Synology BC 500 IP cameras. This attack is part of a broader research project that involved exploiting a TP-Link ER605 router, and pivoting from there to the local network to attack the camera.
Sharon Brizinov,