Max van der Horst
CSIRT Operations Lead
Max is involved in the coordination of the CSIRT’s operations. Having joined DIVD in 2021, Max gained experience with DIVD’s scanning and notification efforts over a large number of investigations. He uses this experience to assist other researchers with challenges they encounter and, while still operationally involved, applies it to more strategic developments for the team, such as collaboration with academia and governments. Max is also a CVE Numbering Authority (CNA) administrator for DIVD and has a background in strategic cyber threat intelligence and vulnerability management.
CSIRT cases
- DIVD-2024-00045 - SysAid ITSM SQL Injection vulnerability
- DIVD-2024-00044 - Missing authentication in Fortinet FortiManager fgfmsd
- DIVD-2024-00041 - Progress Software WhatsUp Gold SQL Injection Authentication Bypass
- DIVD-2024-00040 - Zimbra Collaboration (ZCS) vulnerable for RCE under specific conditions
- DIVD-2024-00028 - Local File Inclusion in SolarWinds U-Serv
- DIVD-2024-00024 - Multiple vulnerabilities found in the SOPlanning tool
- DIVD-2024-00020 - Authentication Bypass in GitHub Enterprise Server (GHES)
- DIVD-2024-00019 - Victim Notification Operation Endgame
- DIVD-2024-00011 - Six vulnerabilities in Enphase IQ Gateway devices
- DIVD-2024-00005 - Remote code execution in FortiOS
- DIVD-2024-00004 - 2024-00004 Global NGOs
- DIVD-2024-00001 - Auth. Bypass and Command Injection in Ivanti VPN appliance
- DIVD-2023-00042 - Confluence improper authorization vulnerability
- DIVD-2023-00039 - VMware vCenter Server RCE
- DIVD-2023-00038 - Global Cisco IOS-XE (CVE-2023-20198) Implants
- DIVD-2023-00037 - Security Feature Bypass in MinIO
- DIVD-2023-00036 - Authentication Bypass in JetBrains TeamCity
- DIVD-2023-00035 - Remote Code Execution in Juniper Networks SRX- and EX-Series
- DIVD-2023-00034 - API Authentication Bypass Vulnerability in Ivanti Sentry
- DIVD-2023-00033 - Citrix systems exploited with CVE-2023-3519
- DIVD-2023-00029 - Critical Fortinet SSL-VPN RCE Vulnerability
- DIVD-2023-00025 - Multiple vulnerabilities in Danfoss AK-SM800A
- DIVD-2023-00024 - SQL injection in GeoServer - CVE-2023-25157
- DIVD-2023-00023 - SQL injection in MOVEit Transfer - CVE-2023-34362
- DIVD-2023-00022 - OS command injection vulnerability of Zyxel firewalls
- DIVD-2023-00021 - Multiple vulnerabilities in Danfoss AK-EM 100
- DIVD-2023-00020 - PaperCut MF/NG Authentication Bypass
- DIVD-2023-00017 - Cisco Small Business Router Authentication Bypass
- DIVD-2023-00011 - FortiNAC and FortiWeb RCE Vulnerability
- DIVD-2023-00010 - Remote Code Execution in Microsoft Exchange Server
- DIVD-2023-00009 - Cisco RV Series Remote Command Execution
- DIVD-2023-00007 - Global VMware ESXi Ransomware Attack
- DIVD-2023-00004 - Unauthenticated Remote Command Execution using SAML in Zoho ManageEngine
- DIVD-2023-00003 - OS command injection in CentOS CWP
- DIVD-2023-00002 - Publicly Reachable Malicious Webshells
- DIVD-2022-00068 - Multiple vulnerabilities identified within White Rabbit Switch from CERN
- DIVD-2022-00064 - Multiple injection vulnerabilities identified within Axiell Iguana CMS
- DIVD-2022-00060 - Command Injection vulnerability in Bitbucket Server and Data Center
- DIVD-2022-00054 - ProxyNotShell - Microsoft Exchange SSRF and RCE
- DIVD-2022-00027 - F5 BIG-IP iControl REST API remote code execution
- DIVD-2022-00024 - Spring Cloud RCE - CVE-2022-22963
- DIVD-2022-00022 - WatchGuard Firebox and XTM appliance ACE vulnerability
- DIVD-2022-00012 - Global Charity Vulnerabilities
- DIVD-2022-00004 - Post-Log4J Open Database C2 and Monero Miner Infections
- DIVD-2021-00020 - OSNexsus QuantaStor limited disclosure and product warning