Design/Logic Flaw

In Splunk Enterprise versions below 8.2.9 and 8.1.12, the way that the rex search command handles field names lets an attacker bypass SPL safeguards for risky commands https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/SPLsafeguards . The vulnerability requires the attacker to phis...

CVE-2022-43563 Risky command safeguards bypass via rex search command field names in Splunk Enterprise

In Splunk Enterprise versions below 8.2.9 and 8.1.12, the way that the rex search command handles field names lets an attacker bypass SPL safeguards for risky commands https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/SPLsafeguards . The vulnerability requires the attacker to phis...

PT-2022-26966 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 8.2.9 Splunk Enterprise versions prior to 8.1.12 Description: The issue arises from how the rex search command handles field names, allowing an attacker to bypass SPL safeguards for risky commands. This...

Splunk Enterprise 8.1 < 8.1.12, 8.2.0 < 8.2.9 (SVD-2022-1103)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2022-1103 advisory. - In Splunk Enterprise versions below 8.2.9 and 8.1.12, the way that the rex' search command handles field names lets an attack...

CVE-2022-31568

The Rexians/rex-web repository through 2022-06-05 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31568

The Rexians/rex-web repository through 2022-06-05 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

Path traversal

The Rexians/rex-web repository through 2022-06-05 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31568

The CVE-2022-31568 entry concerns the Rexians/rex-web project, where absolute path traversal is possible due to unsafe use of Flask send_file. This is confirmed across sources (NVD, Red Hat, CVE List, CNNVD) with descriptions indicating the vulnerability stems from improper handling of file paths...

rex-web 路径遍历漏洞

rex-web is a Rexians community website open-sourced by Rexians. A security vulnerability exists in rex-web, which stems from an insecure use of the Flask sendfile function...

Metasploit Weekly Wrap-Up

SAMR Auxiliary Module A new SAMR auxiliary module has been added that allows users to add, lookup, and delete computer accounts from an AD domain. This should be useful for pentesters on engagements who need to create an AD account to gain an initial foothold into the domain for lateral movement...

Malicious code in rex-design (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 08797fcedbfba6352f704ba60e5df06ca756270b1fedabe5eb83784ae13a5395 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-5776 Malicious code in rex-design (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 08797fcedbfba6352f704ba60e5df06ca756270b1fedabe5eb83784ae13a5395 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Metasploit Wrap-Up

Dump Windows secrets from Active Directory This week, our very own Christophe De La Fuente added an important update to the existing Windows Secret Dump module. It is now able to dump secrets from Active Directory, which will be very useful for Metasploit users. This new feature uses the Director...

Native LDAP Server (Example)

This module provides a Rex based LDAP service to expose the native Rex LDAP server functionality created during log4shell development. Module Options msf use auxiliary/server/ldap msf auxiliaryldap show actions ...actions... msf auxiliaryldap set ACTION msf auxiliaryldap show options ...show and...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

MyLog4Shell log4j RCE Exploitation Detection You can use th...

Cryptominers Slither into Python Projects in Supply-Chain Campaign

A group of cryptominers was found to have infiltrated the Python Package Index PyPI, which is a repository of software code created in the Python programming language. Similar to other repositories like GitHub, npm and RubyGems, PyPI is part of the software supply chain. It offers a place where...

SQL Injection Vulnerability in PHP Version of Rex Design Website Building System

R&S Design is an Internet solution provider in Guangdong, focusing on the study of the development status of small and medium-sized enterprises around the world, and is committed to promoting enterprises to embark on the road of comprehensive informatization. Rui Si Design website construction...

Metasploit Wrapup

Metasploit Hackathon We were happy to host the very first Metasploit framework open source hackathon this past week in the Rapid7 Austin. Eight Metasploit hackers from outside of Rapid7 joined forces with the in-house team and worked on a lot of great projects, small and large. @bcook started the...

Native DNS Server (Example)

This module provides a Rex based DNS service which can store static entries, resolve names over pivots, and serve DNS requests across routed session comms. DNS tunnels can operate across the Rex switchboard, and DNS other modules can use this as a template. Setting static records via hostfile...

Kids Dinosaur Rex Slide Puzzle - External URLs vulnerabilities

HackApp vulnerability scanner discovered that application Kids Dinosaur Rex Slide Puzzle published at the 'play' market has multiple vulnerabilities...