6 min
Vulnerability Disclosure
CVE-2024-6922: Automation Anywhere Automation 360 Server-Side Request Forgery
Automation 360 Robotic Process Automation suite v21-v32 is vulnerable to unauthenticated Server-Side Request Forgery (SSRF).
10 min
Managed Detection and Response (MDR)
CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack
Justice AV Solutions (JAVS) is a U.S.-based company specializing in digital audio-visual recording solutions for courtroom environments.
Rapid7 has determined that users with JAVS Viewer v8.3.7 installed are at high risk and should take immediate action.
19 min
Emergent Threat Response
CVE-2024-27198 and CVE-2024-27199: JetBrains TeamCity Multiple Authentication Bypass Vulnerabilities (FIXED)
Rapid7’s vulnerability research team identified two new vulnerabilities affecting JetBrains TeamCity CI/CD server: CVE-2024-27198 and CVE-2024-27199, both of which are authentication bypasses.
11 min
Vulnerability Disclosure
CVE-2023-47218: QNAP QTS and QuTS Hero Unauthenticated Command Injection (FIXED)
Rapid7 has identified an unauthenticated command injection vulnerability in the QNAP operating system known as QTS, a core part of the firmware for numerous QNAP entry- and mid-level Network Attached Storage (NAS) devices.
1 min
Velociraptor
CVE-2023-5950 Rapid7 Velociraptor Reflected XSS
This advisory covers a specific issue identified in Velociraptor and disclosed by a security code review. Rapid7 Velociraptor versions prior to 0.7.0-4 suffer from a reflected cross site scripting vulnerability.
8 min
Vulnerability Disclosure
Multiple Vulnerabilities in South River Technologies Titan MFT and Titan SFTP [FIXED]
As part of our continuing research project into managed file transfer risk, including JSCAPE MFT and Fortra Globalscape EFT Server, Rapid7 discovered several vulnerabilities in South River Technologies’ Titan MFT and Titan SFTP servers.
4 min
Vulnerability Disclosure
CVE-2023-4528: Java Deserialization Vulnerability in JSCAPE MFT (Fixed)
In August 2023, Rapid7 discovered CVE-2023-4528, a Java deserialization vulnerability in Redwood Software’s JSCAPE MFT secure managed file transfer product. Successful exploitation can run arbitrary Java code as the `root` on Linux or the `SYSTEM` user on Windows.
6 min
Vulnerability Disclosure
CVE-2023-35082 - MobileIron Core Unauthenticated API Access Vulnerability
Rapid7 discovered a new vulnerability that allows unauthenticated attackers to access the API in unsupported versions of MobileIron Core (11.2 and below).
5 min
Vulnerability Disclosure
CVE-2023-38205: Adobe ColdFusion Access Control Bypass [FIXED]
Rapid7 discovered that the initial patch for CVE-2023-29298 (Adobe ColdFusion access control bypass vulnerability) did not successfully remediate the issue.
7 min
Vulnerability Disclosure
CVE-2023-29298: Adobe ColdFusion Access Control Bypass
Rapid7 discovered an access control bypass vulnerability affecting Adobe ColdFusion that allows an attacker to access the administration endpoints.
22 min
Vulnerability Disclosure
Multiple Vulnerabilities in Fortra Globalscape EFT Administration Server [FIXED]
Rapid7 has uncovered four issues in Fortra Globalscape EFT, the worst of which can lead to remote code execution.
4 min
Vulnerability Disclosure
Raptor Technologies Volunteer Management Client-Side Security Controls (FIXED)
A vulnerability in Raptor Technology Volunteer Management for Schools is being disclosed in accordance with Rapid7’s vulnerability disclosure policy.
33 min
Vulnerability Disclosure
Multiple Vulnerabilities in Rocket Software UniRPC server (Fixed)
In early 2023, Rapid7 discovered several vulnerabilities in Rocket Software UniData UniRPC. We worked with the company to fix issues and coordinate this disclosure.
7 min
Vulnerability Disclosure
CVE-2023-0391: MGT-COMMERCE CloudPanel Shared Certificate Vulnerability and Weak Installation Procedures
Rapid7 has discovered three security concerns in CloudPanel from MGT-COMMERCE, a self-hosted web administration solution.
4 min
Vulnerability Disclosure
Microsoft Defender for Cloud Management Port Exposure Confusion
Microsoft Defender for Cloud, until recently, didn't distinguish "0.0.0.0/0" as a synonym for "any" when checking for management port exposures for Azure instances.