Events Speakers Talks Organizations Features Pricing Why Us

Company

About Us
Contact

Contact Info

Address:

13, Lorong Toh Aka

Georgetown 10100

Penang, Malaysia

Email:

info@cfp.directory

Website:

13thirtyseven.my

Business Hours

Monday - Friday:9:00 AM - 6:00 PM

Saturday:9:00 AM - 1:00 PM

Sunday:Closed

GMT+8 (Malaysia Standard Time)

© 2026 CFP Directory. All rights reserved.

13 Thirty Seven Sdn. Bhd. (1401538-A)

Privacy Policy Terms of Service

Peng, JIAN-LIN - Speaker Profile

Back to Speakers

Peng, JIAN-LIN

Peng, JIAN-LIN

DEVCORE

Taipei,Taiwan

English, Chinese (Mandarin)

1

Talks Delivered

1

Events Spoken At

0

Countries Visited

1

Years Speaking

1

Total Talks Given

About

Jian-Lin Peng, aka YingMuo (@YingMuo), is a security researcher at DEVCORE. His work primarily focuses on IoT, macOS kernel and hypervisor security. He has participated in Pwn2Own competitions 2 times, successfully compromising QNAP NAS. He was also a speaker at HITCON PEACE 2022 and DEVCORE CONFERENCE 2024.

Speaking Topics & Expertise

Areas of Expertise

Vulnerability Research

Presentation Types

Technical Talk

Audience Types

Security Professionals

Product Security Teams

Speaking History

2025

Returned to QNAP TS-464 at Pwn2Own and Pwned It Again!

November 23, 2025

Tokyo

Connect

Experience Level

intermediate

Researchers

Have you ever thought about using Windows File Explorer to pwn QNAP TS-464?

At Pwn2Own 2024 Ireland, we pwned QNAP TS-464 with several vulnerabilities in SAMBA achieving pre-auth RCE. Unlike the previous engagement when we worked up to the deadline, we identified a distinct vulnerability and gain RCE via Windows File Explorer within three days.

In this talk, we will explain the details of root causes and exploit chain.