21 min
Vulnerability Disclosure
Rapid7 Discovered Vulnerabilities in Cisco ASA, ASDM, and FirePOWER Services Software
Rapid7 discovered vulnerabilities and non-security issues affecting Cisco ASA, ASDM, and FirePOWER Services Software for ASA.
9 min
Vulnerability Disclosure
QNAP Poisoned XML Command Injection (Silently Patched)
In researching the mystery surrounding alleged exploitation in the wild of CVE-2020-2509, we found what make be an entirely new vulnerability.
5 min
Vulnerability Disclosure
CVE-2022-30526 (Fixed): Zyxel Firewall Local Privilege Escalation
Rapid7 discovered a local privilege escalation vulnerability affecting Zyxel firewalls. The vulnerability allows a low privileged user, such as `nobody`, to escalate to `root` on affected firewalls.
4 min
Vulnerability Disclosure
CVE-2022-31749: WatchGuard Authenticated Arbitrary File Read/Write (Fixed)
A remote and low-privileged WatchGuard Firebox or XTM user can red arbitrary system files due to an argument injection vulnerability.
7 min
Vulnerability Disclosure
CVE-2022-22977: VMware Guest Authentication Service LPE (FIXED)
A low-privileged local attacker can prevent the VMware Guest Authentication service from running in a guest Windows environment and can crash this service.
2 min
Emergent Threat Response
CVE-2022-22972: Critical Authentication Bypass in VMware Workspace ONE Access, Identity Manager, and vRealize Automation
On May 18, 2022, VMware published an advisory on CVE-2022-22972, a critical authentication bypass affecting multiple solutions.
5 min
Vulnerability Disclosure
CVE-2022-30525 (FIXED): Zyxel Firewall Unauthenticated Remote Command Injection
Rapid7 discovered and reported a vulnerability that affects Zyxel firewalls supporting Zero Touch Provisioning (ZTP), identified as CVE-2022-30525.
3 min
Emergent Threat Response
Opportunistic Exploitation of WSO2 CVE-2022-29464
On April 18, 2022, MITRE published CVE-2022-29464, an unrestricted file upload vulnerability affecting various WSO2 products.
4 min
Emergent Threat Response
CVE-2022-28810: ManageEngine ADSelfService Plus Authenticated Command Execution (Fixed)
On April 9, ManageEngine fixed CVE-2022-28810 with the release of ADSelfService Plus Build 6122.
4 min
Research
CVE-2022-24527: Microsoft Connected Cache Local Privilege Escalation (Fixed)
On April 12, 2022, Microsoft published CVE-2022-24527, a local privilege escalation vulnerability in Microsoft Connected Cache.
5 min
Vulnerability Disclosure
CVE-2021-4191: GitLab GraphQL API User Enumeration (FIXED)
On February 25, 2022, GitLab published a fix for CVE-2021-4191, a now-patched vulnerability resulting from a missing authentication check.
14 min
Research
Dropping Files on a Domain Controller Using CVE-2021-43893
On December 14, 2021, during the Log4Shell chaos, Microsoft published CVE-2021-43893, a remote privelege escalation vulnerability affecting Windows EFS.
10 min
Vulnerability Disclosure
CVE-2021-20038..42: SonicWall SMA 100 Multiple Vulnerabilities (FIXED)
Over the course of routine security research, Rapid7 researcher Jake Baines discovered and reported five vulnerabilities involving the SonicWall Secure Mobile Access (SMA) 100 series of devices.
7 min
Risk Management
Driver-Based Attacks: Past and Present
In our analysis of CVE-2021-21551, a write-what-where vulnerability in a Dell driver, we found that Dell’s update didn’t fix the write-what-where condition but only limited access to administrative users.
2 min
Emergent Threat Response
GitLab Unauthenticated Remote Code Execution CVE-2021-22205 Exploited in the Wild
Patches have been available for GitLab CVE-2021-22205 since April 2021, but analysis suggests a large number of instances are still vulnerable.