Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Rapid7 Blog

Vulnerability Disclosure  

Lessons Learned Firsthand: Securing Corporate Voicemail PINs

On Thursday afternoon, Nov. 15, 2018, Rapid7 learned of a potential security issue with our corporate voicemail system, reported by security researcher Kristian Hermansen.…

Prioritizing the Fundamentals of Coordinated Vulnerability Disclosure

In this post, we aim to distinguish between three broad flavors of CVD processes based on authorization, incentives, and resources required. We also urge wider adoption of foundational processes before moving to more advanced and resource-intensive processes.…

Shoring Up the Defenses Together: 2018Q2 and Q3 Wrap-Up

Today (October 29, 2018) we are sharing several vulnerabilities that have been fixed in Rapid7 products and supporting services.…

R7-2018-15 | CVE-2018-5553: Crestron DGE-100 Console Command Injection (FIXED)

This post describes CVE-2018-5553, a vulnerability in the Crestron Console service that is preinstalled on the DGE-100. Due to a lack of input sanitization, this service is vulnerable to command injection that can be used to gain root-level access. DGE-100 devices running firmware versions 1.…

VPNFilter's Potential Reach — Malware Exposure in SMB/Consumer-grade Devices

(Many thanks to Rebekah Brown & Derek Abdine for their contributions to the post.) How does VPNFilter work? Over the past few weeks, Cisco’s Talos group has published some significant new research on a new malware family called VPNFilter. VPNFilter targets and compromises networking…

Shoring up the defenses together: 2018Q1 wrap-up

Today (April 10, 2018) we are sharing six vulnerabilities that have been fixed in Rapid7 products and supporting services. You won’t need to take any actions: all of the issues have been addressed. We are disclosing these vulnerabilities in order to be transparent, to…

R7-2017-27 | CVE-2017-8987: HPE iLO3 Unauthenticated Remote DoS (FIXED)

This post describes CVE-2017-8987, an unauthenticated remote Denial of Service vulnerability in HPE iLO3 firmware version 1.88. This vulnerability can be exploited by several HTTP methods; once triggered, it lasts for approximately 10 minutes until the watchdog service performs a restart of the iLO3…

R7-2017-28: Epson AirPrint XSS (CVE-2018-5550)

The Epson AirPrint web configuration page is vulnerable to a reflected cross-site scripting (XSS) issue in the INPUTT_GEOLOCATION parameter in the web administration console. This issue could be leveraged by an attacker with network access to the web UI to the printer to trick…

NIST Cyber Framework Updated With Coordinated Vuln Disclosure Processes

A key guideline for cybersecurity risk management now includes coordinated vulnerability disclosure and handling processes. This revision will help boost adoption of processes for receiving and analyzing vulnerabilities disclosed from external sources, such as researchers.…

R7-2017-25: Cambium ePMP and cnPilot Multiple Vulnerabilities

Summary of Issues Multiple vulnerabilities in Cambium Networks’ ePMP and cnPilot product lines were discovered by independent researcher Karn Ganeshen, which have, in turn, been addressed by the vendor. The affected devices are in use all over the world to provide wireless network connectivity in…

Welcome transparency on US government's process for disclosing vulnerabilities

The White House recently released details on the US government's process for disclosing - or retaining - zero-day vulnerabilities. The new VEP charter provides answers to several key questions, but it remains to be seen how it will operate in practice.…

Testing Developer Security with Metasploit Pro Task Chains

In this modern age, technology continues to make inroads into all sorts of industries. Everything from smartphones to late-model automobiles to internet-connected toasters requires software to operate, and this proliferation of software has brought along gaggles of software developers with their tools-of-the-trade. All this technology…

R7-2017-08: BPC SmartVista SQL Injection Vulnerability

Important update: 2018/01/25 BPC informed Rapid7 that this vulnerability only impacted the specified version of SmartVista Front-End (2.2.10, revision 287921), which had very limited distribution. Once the vulnerability described below was discovered, BPC released a patch on Jul 19, 2017, before…

No-Priority, Post-Auth Vulnerabilities

In the course of collecting and disclosing vulnerabilities, I occasionally come across an issue that walks like a vuln, quacks like a vuln, but… it’s not exactly a vuln. As per our usual vulnerability disclosure process, we still report these issues to vendors. The…