Lucene search
+L
Rapid7blogMost viewed

1731 matches found

Rapid7 Blog
Rapid7 Blog
added 2022/07/27 7:26 p.m.163 views

Active Exploitation of Atlassian’s Questions for Confluence App CVE-2022-26138

Exploitation is underway for one of the trio of critical Atlassian vulnerabilities that were published last week affecting several the company’s on-premises products. Atlassian has been a focus for attackers, as it was less than two months ago that we observed exploitation of CVE-2022-26134 in...

7.5CVSS1.8AI score0.99999EPSS
Exploits77
Rapid7 Blog
Rapid7 Blog
added 2021/12/14 9:5 p.m.163 views

Log4Shell Makes Its Appearance in Hacker Chatter: 4 Observations

It's been a long few days as organizations' security teams have worked to map, quantify, and mitigate the immense risk presented by the Log4Shell vulnerability within Log4j. As can be imagined, cybercriminals are working overtime as well, as they seek out ways to exploit this vulnerability. Need...

9.3CVSS0.6AI score0.99999EPSS
Exploits355
Rapid7 Blog
Rapid7 Blog
added 2021/06/25 4:15 p.m.162 views

Metasploit Wrap-Up

Cisco ‘Sploits This week’s Metasploit Framework release brings two modules that target Cisco products.The first module, written by our very own jheysel-r7, targets an unauthenticated file upload vulnerability in Cisco HyperFlex HX Data Platform. Vulnerable versions of the Cisco HyperFlex software...

10CVSS0.6AI score0.85649EPSS
Exploits12
Rapid7 Blog
Rapid7 Blog
added 2021/07/13 8:56 p.m.161 views

Patch Tuesday - July 2021

Microsoft has patched another 117 CVEs, returning to volumes seen in early 2021 and most of 2020. It would appear that the recent trend of approximately 50 vulnerability fixes per month was not indicative of a slowing pace. This month there were 13 vulnerabilities rated Critical with nearly the...

10CVSS1AI score0.99999EPSS
Exploits96
Rapid7 Blog
Rapid7 Blog
added 2020/11/20 7:52 p.m.161 views

Metasploit Wrap-Up

It’s 11 o’clock. Do you know where your file uploads are? Repeat contributor Erik Wynter and our own wvu-r7 each submitted modules exploiting web applications which allow attackers to upload files to arbitrary locations, including where the web application would interpret them as code! The first...

7.5CVSS9.5AI score0.9927EPSS
Exploits13
Rapid7 Blog
Rapid7 Blog
added 2022/01/11 9:41 p.m.160 views

Patch Tuesday - January 2022

The first Patch Tuesday of 2022 sees Microsoft publishing fixes for over 120 CVEs across the bulk of their product line, including 29 previously patched CVEs affecting their Edge browser via Chromium. None of these have yet been seen exploited in the wild, though six were publicly disclosed prior...

10CVSS1AI score0.99657EPSS
Exploits73
Rapid7 Blog
Rapid7 Blog
added 2022/05/10 7:59 p.m.158 views

Patch Tuesday - May 2022

This month is par for the course in terms of both number and severity of vulnerabilities being patched by Microsoft. That means there’s plenty of work to be done by system and network administrators, as usual. There is one 0-day this month: CVE-2022-26925, a Spoofing vulnerability in the Windows...

9.3CVSS0.6AI score0.83277EPSS
Exploits12
Rapid7 Blog
Rapid7 Blog
added 2021/11/09 4:59 p.m.158 views

Opportunistic Exploitation of Zoho ManageEngine and Sitecore CVEs

Over the weekend of November 6, 2021, Rapid7’s Incident Response IR and Managed Detection and Response MDR teams began seeing opportunistic exploitation of two unrelated CVEs: CVE-2021-40539, a REST API authentication bypass in Zoho’s ManageEngine ADSelfService Plus product that Rapid7 has...

10CVSS9.8AI score0.9896EPSS
Exploits12
Rapid7 Blog
Rapid7 Blog
added 2021/07/12 10:39 p.m.157 views

SolarWinds Serv-U FTP and Managed File Transfer CVE-2021-35211: What You Need to Know

On July 12, 2021, SolarWinds confirmed an actively exploited zero-day vulnerability, CVE-2021-35211, in the Serv-U FTP and Managed File Transfer component of SolarWinds15.2.3 HF1 released May 5, 2021 and all prior versions. Successful exploitation of CVE-2021-35211 could enable an attacker to gai...

0.7AI score0.9116EPSS
Exploits2
Rapid7 Blog
Rapid7 Blog
added 2021/01/12 7:35 p.m.156 views

Update on SolarWinds Supply-Chain Attack: SUNSPOT and New Malware Family Associations

This update is a continuation of our previous coverage of the SolarWinds supply-chain attack that was discovered by FireEye in December 2020. As of Jan. 11, 2021, new research has been published that expands the security community’s understanding of the breadth and depth of the SolarWinds attack...

0.2AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2020/09/21 2:30 p.m.156 views

Define What to Parse From Logs with the Custom Parsing Tool in InsightIDR

Data is essential to any SIEM. Generally, this data is collected from logs, endpoints, and networks. All of this data paints a holistic picture of your network so you have constant visibility into what’s going on, and where. When it comes to security data, log data is the primary driver. In...

7.2AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2022/10/27 3:22 p.m.155 views

CVE-2021-39144: VMware Cloud Foundation Unauthenticated Remote Code Execution

On October 25, 2022, VMware published VMSA-2022-0027 on two vulnerabilities in its Cloud Foundation NSX-V solution. By far the more severe of these is CVE-2021-39144, an unauthenticated remote code execution vulnerability with a CVSSv3 score of 9.8. The vulnerability arises from a deserialization...

6CVSS2.2AI score0.98124EPSS
Exploits6
Rapid7 Blog
Rapid7 Blog
added 2022/03/08 9:8 p.m.155 views

Patch Tuesday - March 2022

Microsoft's March 2022 updates include fixes for 92 CVEs including 21 from the Chromium project, which is used by their Edge web browser. None of them have been seen exploited in the wild, but three have been previously disclosed. CVE-2022-24512, affecting .NET and Visual Studio, and...

9CVSS1.4AI score0.56376EPSS
Exploits5
Rapid7 Blog
Rapid7 Blog
added 2022/10/21 5:31 p.m.154 views

Metasploit Weekly Wrap-Up

Zimbra with Postfix LPE CVE-2022-3569 This week rbowes added an LPE exploit for Zimbra with Postfix. The exploit leverages a vulnerability whereby the Zimbra user can run postfix as root which in turn is capable of executing arbitrary shellscripts. This can be abused for reliable privilege...

7.5CVSS0.6AI score0.99998EPSS
Exploits48
Rapid7 Blog
Rapid7 Blog
added 2021/11/04 7:47 p.m.154 views

Trojan Source CVE-2021-42572: No Panic Necessary

What is this thing? Researchers at the University of Cambridge and the University of Edinburgh recently published a paper on an attack technique they call “Trojan Source.” The attack targets a weakness in text-encoding standard Unicode—which allows computers to handle text across many different...

7.5CVSS7.6AI score0.66023EPSS
Exploits8
Rapid7 Blog
Rapid7 Blog
added 2022/03/11 8:26 p.m.153 views

Metasploit Weekly Wrap-Up

Mucking out the pipes. Thanks to some quick work by timwr, CVE-2022-0847 aka "Dirty Pipe" gives Metasploit a bit of digital plumber's training. The exploit targeting modern Linux v5 kernels helps elevate user privileges by overwriting a SUID binary of your choice by plunging some payload gold...

9CVSS9AI score0.96182EPSS
Exploits276
Rapid7 Blog
Rapid7 Blog
added 2023/07/18 3:28 p.m.152 views

Critical Zero-Day Vulnerability in Citrix NetScaler ADC and NetScaler Gateway

On Tuesday, July 18, Citrix published a security bulletin warning users of three new vulnerabilities affecting NetScaler ADC and NetScaler Gateway. Of the three vulnerabilities, CVE-2023-3519 is the most severe—successful exploitation allows unauthenticated attackers to execute code remotely on...

7.5CVSS9.6AI score0.99445EPSS
Exploits16
Rapid7 Blog
Rapid7 Blog
added 2021/12/17 10:53 p.m.152 views

Metasploit Wrap-Up

Log4Shell - Log4j HTTP Scanner Versions of Apache Log4j impacted by CVE-2021-44228 which allow JNDI features used in configuration, log messages, and parameters, do not protect against attacker controlled LDAP and other JNDI related endpoints. This module will scan an HTTP endpoint for the...

9.3CVSS0.3AI score0.99999EPSS
Exploits360
Rapid7 Blog
Rapid7 Blog
added 2023/10/10 8:34 p.m.150 views

Patch Tuesday - October 2023

Microsoft is addressing 105 vulnerabilities this October Patch Tuesday, including three zero-day vulnerabilities, as well as 12 critical remote code execution RCE vulnerabilities, and one republished third-party vulnerability. WordPad: zero-day NTLM hash disclosure Another Patch Tuesday, another...

7.5CVSS9.2AI score0.99999EPSS
Exploits21
Rapid7 Blog
Rapid7 Blog
added 2023/09/25 7:6 p.m.150 views

Introducing Active Risk

Cyber risk is increasing both in volume and velocity. Given the landscape of threats, weaknesses, vulnerabilities, and misconfigurations, organizations, teams and vulnerability analysts alike need of better prioritization mechanisms. That's why we developed a new risk scoring methodology: Active...

6.8AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2021/09/17 7:59 p.m.150 views

Metasploit Wrap-Up

Clone your way to code execution We’ve had a busy week bringing you exploits, features, enhancements, and fixes. Exploit modules for Git and El Finder lead the pack this week with an information disclosure against Jira and a post exploitation module targeting Geutebruck white-labelled cameras to...

10CVSS0.1AI score0.99603EPSS
Exploits27
Rapid7 Blog
Rapid7 Blog
added 2022/01/21 8:8 p.m.149 views

Metasploit Weekly Wrap-Up

Image Credit: https://upload.wikimedia.org/wikipedia/commons/c/c7/Logs.jpg without change while j==shell; Log4j; The Log4j loop continues as we release a module targeting vulnerable vCenter releases. This is a good time to suggest that you check your vCenter releases and maybe even increase the...

9.3CVSS10AI score0.99999EPSS
Exploits362
Rapid7 Blog
Rapid7 Blog
added 2021/05/14 5:29 p.m.149 views

Metasploit Wrap-Up

Stopped at the gate? A fun new module from timwr, taking advantage of a technique reported by Cedric Owens, is reminding everyone if there is no fence a gate will not deter us. The new module provides a quick wrapper for payloads that bypasses download origination and authorization requirements...

6.8CVSS1.2AI score0.99981EPSS
Exploits44
Rapid7 Blog
Rapid7 Blog
added 2023/11/14 9:27 p.m.148 views

Patch Tuesday - November 2023

Microsoft is addressing 64 vulnerabilities this November Patch Tuesday, including five zero-day vulnerabilities as well as one critical remote code execution RCE vulnerability. Overall, this month sees significantly fewer vulnerabilities addressed across a smaller number of products than has been...

7.5CVSS10AI score0.99999EPSS
Exploits35
Rapid7 Blog
Rapid7 Blog
added 2022/02/17 6:0 p.m.146 views

Log4Shell 2 Months Later: Security Strategies for the Internet's New Normal

CVE-2021-44228 rules everything around us — or so it seemed, at least, for those breathless days in December 2021 when the full scope of Log4Shell was starting to take hold and security teams were strapped for time and resources as they scoured their organizations' environments for vulnerable...

9.3CVSS9.5AI score0.99999EPSS
Exploits355
Rapid7 Blog
Rapid7 Blog
added 2022/04/22 9:3 p.m.145 views

Opportunistic Exploitation of WSO2 CVE-2022-29464

On April 18, 2022, MITRE published CVE-2022-29464 , an unrestricted file upload vulnerability affecting various WSO2 products. WSO2 followed with a security advisory explaining the vulnerability allowed unauthenticated and remote attackers to execute arbitrary code in the following products: API...

10CVSS9.8AI score0.99999EPSS
Exploits22
Rapid7 Blog
Rapid7 Blog
added 2021/08/02 1:16 p.m.144 views

3 Steps to Integrate Rapid7 Products Into the DevSecOps Cycle

DevSecOps is the concept and practice of integrating security into the DevOps cycle. The idea is to bring the different phases of security into the DevOps model and try to automate the entire process, so security is integrated directly into the initial application builds. In this post, we’ll take...

7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2021/05/21 7:11 p.m.144 views

Metasploit Wrap-Up

Dell DBUtil23.sys IOCTL memmove privilege escalation Our very own zeroSteiner added a new module, which exploits insufficient access control in Dell's dbutil23.sys firmware update driver included in the Dell Bios Utility that comes pre-installed with most Windows machines. The driver accepts...

9.3CVSS0.7AI score0.99295EPSS
Exploits103
Rapid7 Blog
Rapid7 Blog
added 2024/02/12 1:23 p.m.143 views

Critical Fortinet FortiOS CVE-2024-21762 Exploited

On February 8, 2024 Fortinet disclosed multiple critical vulnerabilities affecting FortiOS, the operating system that runs on Fortigate SSL VPNs. The critical vulnerabilities include CVE-2024-21762, an out-of-bounds write vulnerability in SSLVPNd that could allow remote unauthenticated attackers ...

7.5CVSS8.6AI score0.99474EPSS
Exploits29
Rapid7 Blog
Rapid7 Blog
added 2020/11/04 3:24 p.m.143 views

NICER Protocol Deep Dive: Internet Exposure of Citrix ADC/NetScaler

Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet way back in January, we had no idea we'd end up with a hefty, 137-page tome of a research report. The sheer length of such a thing might put off folks who might otherwise learn a thin...

7.5CVSS0.2AI score0.99999EPSS
Exploits48
Rapid7 Blog
Rapid7 Blog
added 2026/05/28 12:0 p.m.142 views

CVE-2026-52806: Authenticated RCE via Argument Injection in Gogs (FIXED as of June 7, 2026)

Overview Rapid7 Labs discovered a critical argument injection CWE-88 vulnerability in Gogs, a popular open-source self-hosted Git service, tracked as CVE-2026-52806. The vulnerability, scored as CVSSv3.1 9.9 Critical, allows any authenticated user to achieve remote code execution RCE on the serve...

9.9CVSS7.4AI score0.01029EPSS
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/02/15 12:41 a.m.141 views

Patch Tuesday - February 2023

It’s Patch Tuesday again. Microsoft is addressing fewer individual vulnerabilities this month than last, but there’s still plenty to keep admins and defenders occupied. Three zero-day vulnerabilities are vying for your attention today: a lone Microsoft Publisher vulnerability as well as a couple...

2.9CVSS0.7AI score0.82302EPSS
Exploits18
Rapid7 Blog
Rapid7 Blog
added 2021/11/05 7:43 p.m.141 views

Metasploit Wrap-Up

GitLab RCE New Rapid7 team member jbaines-r7 wrote an exploit targeting GitLab via the ExifTool command. Exploiting this vulnerability results in unauthenticated remote code execution as the git user. What makes this module extra neat is the fact that it chains two vulnerabilities together to...

6.8CVSS9.9AI score0.99981EPSS
Exploits67
Rapid7 Blog
Rapid7 Blog
added 2020/12/04 2:34 p.m.140 views

How to Create an OS-Based Policy Scanning Workflow in InsightVM

When you first start setting up InsightVM, the No. 1 thing you should be focused on is building sites, running scans, and kicking off reports to start building your vulnerability management program. Once you start feeling comfortable with the vulnerability management flow, policy scanning should ...

6.7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2021/05/10 1:59 p.m.137 views

MDR Vendor Must-Haves, Part 10: Included Security Orchestration and Automation

This blog post is part of an ongoing series about evaluating Managed Detection and Response MDR providers. For more insights, check out our guide, “10 Things Your MDR Service Must Do.” Cybersecurity teams continue to be challenged by resource constraints and disconnected toolsets. One method of...

Exploits0
Rapid7 Blog
Rapid7 Blog
added 2021/04/13 5:37 p.m.137 views

Patch Tuesday - April 2021

Patch Tuesday is here again and there are more Exchange updates to apply! A total of 114 vulnerabilities were fixed this month with more than half of them affecting all versions of Windows, with about half of them being remote code execution bugs, and about a fifth of them being rated as critical...

10CVSS1.5AI score0.83214EPSS
Exploits12
Rapid7 Blog
Rapid7 Blog
added 2023/07/11 9:50 p.m.136 views

Patch Tuesday - July 2023

Microsoft is addressing 130 vulnerabilities this July Patch Tuesday, including five zero-day vulnerabilities, and eight further critical remote code execution RCE vulnerabilities. Overall, it’s safe to say that this is a busier Patch Tuesday than the past couple of months. Note that the total cou...

9.3CVSS9.2AI score0.99374EPSS
Exploits75
Rapid7 Blog
Rapid7 Blog
added 2021/08/17 1:58 p.m.135 views

Fortinet FortiWeb OS Command Injection

An OS command injection vulnerability in FortiWeb's management interface version 6.3.11 and prior can allow a remote, authenticated attacker to execute arbitrary commands on the system, via the SAML server configuration page. This is an instance of CWE-78: Improper Neutralization of Special...

9CVSS9.2AI score0.7727EPSS
Exploits2
Rapid7 Blog
Rapid7 Blog
added 2021/12/14 10:12 p.m.134 views

Patch Tuesday - December 2021

This month’s Patch Tuesday comes in the middle of a global effort to mitigate Apache Log4j CVE-2021-44228. In today’s security release, Microsoft issued fixes for 83 vulnerabilities across an array of products — including a fix for Windows Defender for IoT, which is vulnerable to CVE-2021-44228...

10CVSS1.6AI score0.99999EPSS
Exploits363
Rapid7 Blog
Rapid7 Blog
added 2021/10/12 7:47 p.m.134 views

Patch Tuesday - October 2021

Today’s Patch Tuesday sees Microsoft issuing fixes for over 70 CVEs, affecting the usual mix of their product lines. From Windows, Edge, and Office, to Exchange, SharePoint, and Dynamics, there is plenty of patching to do for workstation and server administrators alike. One vulnerability has...

7.2CVSS0.2AI score0.73381EPSS
Exploits20
Rapid7 Blog
Rapid7 Blog
added 2022/12/09 8:36 p.m.133 views

Metasploit Wrap-Up

Login brute-force utility Jan Rude added a new module that gives users the ability to brute-force login for Linux Syncovery. This expands Framework's capability to scan logins to Syncovery, a popular web GUI for backups. WordPress extension SQL injection module Cydave, destr4ct, and jheysel-r7...

7.5CVSS0.2AI score0.37171EPSS
Exploits16
Rapid7 Blog
Rapid7 Blog
added 2022/07/26 5:15 p.m.133 views

CVE-2022-35629..35632 Velociraptor Multiple Vulnerabilities (FIXED)

This advisory covers a number of issues identified in Velociraptor and disclosed by a security code review performed by Tim Goddard from CyberCX. We also thank Rhys Jenkins for working with the Velociraptor team to identify and rectify these issues. All of these identified issues have been fixed ...

0.2AI score0.00444EPSS
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/11/01 6:32 p.m.132 views

Suspected Exploitation of Apache ActiveMQ CVE-2023-46604

Tom Elkins, John Fenninger, Evan McCann, Matthew Smith, and Micah Young contributed attacker behavior insights to this blog. Beginning Friday, October 27, Rapid7 Managed Detection and Response MDR identified suspected exploitation of Apache ActiveMQ CVE-2023-46604 in two different customer...

7.5CVSS7.1AI score0.99654EPSS
Exploits31
Rapid7 Blog
Rapid7 Blog
added 2022/07/12 7:40 p.m.131 views

Patch Tuesday - July 2022

Microsoft’s updates for July's Patch Tuesday fix 86 CVEs, including two vulnerabilities in their Chromium-based Edge browser that were patched earlier in the month. One 0-day vulnerability has been patched: CVE-2022-22047 affects all currently supported versions of Microsoft’s pervasive operating...

9CVSS1.6AI score0.88609EPSS
Exploits5
Rapid7 Blog
Rapid7 Blog
added 2021/09/15 3:44 a.m.131 views

Patch Tuesday - September 2021

Microsoft has fixed a total of 60 vulnerabilities this month, including two publicly disclosed 0-days. Fortunately there are only a few issues rated critical this month with the vast majority of the remainder being rated important. Here’s three big things you can go patch right now. MSHTML Remote...

7.5CVSS0.9AI score0.99723EPSS
Exploits62
Rapid7 Blog
Rapid7 Blog
added 2021/07/07 1:5 p.m.131 views

CVE-2020-7387..7390: Multiple Sage X3 Vulnerabilities

Four vulnerabilities involving Sage X3 were identified by Rapid7 researchers Jonathan Peterson, Aaron Herndon, Cale Black, Ryan Villarreal, and William Vu. These vulnerabilities were reported to Sage according to Rapid7's usual vulnerability disclosure process and were fixed in recent releases fo...

1.4AI score0.70268EPSS
Exploits9
Rapid7 Blog
Rapid7 Blog
added 2023/05/09 8:2 p.m.130 views

Patch Tuesday - May 2023

A less crowded Patch Tuesday for May 2023: Microsoft is offering fixes for just 49 vulnerabilities this month. There are no fixes this month for printer drivers, DNS, or .NET, three components which have featured heavily in recent months. Three zero-day vulnerabilities are patched, alongside a...

10CVSS8.7AI score0.99999EPSS
Exploits137
Rapid7 Blog
Rapid7 Blog
added 2023/02/07 5:27 p.m.130 views

CVE-2022-21587: Rapid7 Observed Exploitation of Oracle E-Business Suite Vulnerability

Emergent threats evolve quickly, and as we learn more about this vulnerability, this blog post will evolve, too. Rapid7 is responding to various compromises arising from the exploitation of CVE-2022-21587, a critical arbitrary file upload vulnerability rated 9.8 on the CVSS v3 risk metric impacti...

0.1AI score0.98342EPSS
Exploits7
Rapid7 Blog
Rapid7 Blog
added 2021/11/03 1:30 p.m.130 views

InsightVM Scan Diagnostics: Troubleshooting Credential Issues for Authenticated Scanning

Have you ever tried to figure out why a vulnerability or policy scan isn’t showing you the results you expect, even though you’ve provided credentials? If so, you’ll be pleased to hear that the November 3rd release of Nexpose and InsightVM version 6.6.112 will introduce a new check category...

6.5AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2021/04/09 7:17 p.m.130 views

Metasploit Wrap-Up

Spilling the Gitea We have two modules coming in from cdelafuente-r7 targeting CVE-2020-14144 for both the Gitea and Gogs self-hosted Git services. Both modules are similar: they take advantage of a user’s ability to create Git hooks by authenticating with the web interface, creating a dummy...

10CVSS0.3AI score0.98266EPSS
Exploits29
Total number of security vulnerabilities1731