Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.

View Cookie Policy for full details

Third-Party Disclosure  

R7-2014-15: GNU Wget FTP Symlink Arbitrary Filesystem Access

Introduction GNU Wget is a command-line utility designed to download files via HTTP, HTTPS, and FTP.  Wget versions prior to 1.16 are vulnerable a symlink attack (CVE-2014-4877) when running in recursive mode with a FTP target. This vulnerability allows an attacker operating a malicious…

R7-2014-12: More Amplification Vulnerabilities in NTP Allow Even More DRDoS Attacks

Overview As part of Rapid7 Labs' Project Sonar, among other things, we scan the entire public IPv4 space (minus those who have opted out) looking for listening NTP servers.  During this research we discovered some unknown NTP servers responding to our probes with messages that…

R7-2014-10 Disclosure: Yokogawa CENTUM CS3000 BKBCopyD.exe File System Access

This blog post represents the final disclosure of the the Yokogawa CENTUM CS3000 vulnerability discussed by Tod Beardsley (@todb) and Jim Denaro (@cipherlaw) on their DEFCON talk, "How To Disclose an Exploit Without Getting in Trouble". A link to that talk, and the…

R7-2014-01, R7-2014-02, R7-2014-03 Disclosures: Exposure of Critical Information Via SNMP Public Community String

Summary of Vulnerabilities This report details three critical information disclosure vulnerabilities. The vulnerabilities were discovered while Matthew Kienow and I (Deral Heiland) were researching information disclosure issues in SNMP on embedded appliances for a talk at CarolinaCon. During this research project, most devices exposed information…

Disclosure: R7-2013-18, ZTE F460 and ZTE F660 web_shell_cmd.gch Backdoor

Per Rapid7's disclosure policy at http://www.rapid7.com/disclosure.jsp, we are disclosing a discovered vulnerability regarding SOHO routers from hardware manufacturer ZTE. We have had no response from the vendor to our queries for a suitable security contact and PGP key. One usual…

Never miss a blog

Get the latest stories, expertise, and news about security today.