33 min
Vulnerability Disclosure
Multiple Vulnerabilities in Rocket Software UniRPC server (Fixed)
In early 2023, Rapid7 discovered several vulnerabilities in Rocket Software UniData UniRPC. We worked with the company to fix issues and coordinate this disclosure.
7 min
Vulnerability Disclosure
CVE-2023-0391: MGT-COMMERCE CloudPanel Shared Certificate Vulnerability and Weak Installation Procedures
Rapid7 has discovered three security concerns in CloudPanel from MGT-COMMERCE, a self-hosted web administration solution.
4 min
Vulnerability Disclosure
Microsoft Defender for Cloud Management Port Exposure Confusion
Microsoft Defender for Cloud, until recently, didn't distinguish "0.0.0.0/0" as a synonym for "any" when checking for management port exposures for Azure instances.
13 min
Vulnerability Disclosure
Multiple DMS XSS (CVE-2022-47412 through CVE-20222-47419)
Rapid7 has discovered, and is now disclosing, eight XSS issues affecting four on-premises document management systems. As of this disclosure, none have patches available.
5 min
Vulnerability Disclosure
CVE-2023-22374: F5 BIG-IP Format String Vulnerability
Rapid7 found an additional vulnerability in the appliance-mode REST interface. We reported it to F5 and are now disclosing it in accordance with our vulnerability disclosure policy.
5 min
Vulnerability Disclosure
Refreshing Rapid7's Coordinated Vulnerability Disclosure Policy
Rapid7 has updated its coordinated vulnerability disclosure (CVD) policy and philosophy. In this article, you'll learn what prompted the changes.
4 min
Vulnerability Disclosure
Cengage LTI Session Management Leakage
Cengage, an education technology provider in use in many higher education environments primarily in the United States, had two issues in the way it handled session management over its Learning Tools Integration (LTI) pipeline.
3 min
Vulnerability Disclosure
CVE-2022-4261: Rapid7 Nexpose Update Validation Issue (FIXED)
Nexpose version 6.6.172 fixes an issue with how Nexpose validates update packages, CVE-2022-4261.
12 min
Vulnerability Disclosure
CVE-2022-41622 and CVE-2022-41800 (FIXED): F5 BIG-IP and iControl REST Vulnerabilities and Exposures
Rapid7 discovered several vulnerabilities and exposures in specific F5 BIG-IP and BIG-IQ devices in August 2022. Since then, members of our research team have worked with the vendor to discuss impact, resolution, and a coordinated response.
8 min
Vulnerability Disclosure
FLEXlm and Citrix ADM Denial of Service Vulnerability
Note: Updated October 20, 2022 to clarify that this bypasses CVE-2022-27512 and
not CVE-2022-27511, which has a different root cause.
On June 27, 2022, Citrix released an advisory
[https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512]
for CVE-2022-27511 [https://nvd.nist.gov/vuln/detail/CVE-2022-27511] and
CVE-2022-27512 [https://nvd.nist.gov/vuln/detail/CVE-2022-27512], which affect
Citrix ADM (Application Del
7 min
Vulnerability Disclosure
Baxter SIGMA Spectrum Infusion Pumps: Multiple Vulnerabilities (FIXED)
Rapid7 discovered vulnerabilities in two TCP/IP-enabled medical devices produced by Baxter Healthcare.
21 min
Vulnerability Disclosure
Rapid7 Discovered Vulnerabilities in Cisco ASA, ASDM, and FirePOWER Services Software
Rapid7 discovered vulnerabilities and non-security issues affecting Cisco ASA, ASDM, and FirePOWER Services Software for ASA.
5 min
Vulnerability Disclosure
CVE-2022-31660 and CVE-2022-31661 (FIXED): VMware Workspace ONE Access, Identity Manager, and vRealize Automation LPE
The VMware Workspace ONE Access, Identity Manager, and vRealize Automation products contain a locally exploitable privilege escalation vulnerability.
9 min
Vulnerability Disclosure
QNAP Poisoned XML Command Injection (Silently Patched)
In researching the mystery surrounding alleged exploitation in the wild of CVE-2020-2509, we found what make be an entirely new vulnerability.
8 min
Vulnerability Disclosure
Primary Arms PII Disclosure via IDOR (FIXED)
Primary Arms, a popular e-commerce site dealing in firearms and related merchandise, suffers from an insecure direct object reference (IDOR) vulnerability.