Posts by Pearce Barry

January 27, 2022

Finding Linux instances vulnerable to PwnKit

News dropped this week around a memory corruption vulnerability with a broad reach across many Linux distributions, including Ubuntu, Debian, Mint, RHEL, Fedora, CentOS, Oracle, Arch, and SUSE. Having been present-but-unseen for over 12 years now, CVE-2021-4034 (with a …

January 26, 2022

Finding Control Web Panel (CWP) instances

Security researcher Paulos Yibelo shared findings this week on two new vulnerabilities within the popular Control Web Panel (formerly CentOS Web Panel) web hosting management software. Both CVE-2021-45466 (a file write vulnerability) and CVE-2021-45467 (a file inclusion …

January 14, 2022

Ringing in 2022 with vulns, more vulns, and CISA guidance

Wrapping up 2021 and kicking off 2022, there was no shortage of vulnerabilities, vendor security advisories, patches, and active exploitation. Oh, did we mention, even more vulnerabilities and more patches? To ring in 2022 accordingly, let’s discuss some recent …

December 10, 2021

Finding applications that use Log4J

Last updated on April 26, 2021 at 08:00 CST (-0600). Rumble can help you build an up-to-date asset inventory and search for assets that may be affected by Log4J vulnerabilities, such as Log4shell. Rumble is not a vulnerability scanner, but you can share Rumble’s results …

December 8, 2021

Finding Grafana instances

A zero-day vulnerability for Grafana, a popular analytics and visualization software, was leaked this week. This vulnerability gives attackers a path traversal attack vector that can lead to data disclosure, resulting in access to files containing confidential …

December 3, 2021

Finding HP printers and MFPs vulnerable to Printing Shellz

Do you have HP printers and multi-function printers (MFPs)? You might want to look at the two recently published vulnerabilities that affect 150+ models. Named “Printing Shellz” by the F-Secure security researchers who reported them, these vulns have been around …

November 10, 2021

Finding Nucleus TCP/IP assets with accessible FTP services

Researchers at Forescout recently published findings on a new set of 13 vulnerabilities with the Nucleus RTOS TCP/IP stack, collectively referred to as NUCLEUS:13. Originally released in 1993, Nucleus is found in many different types of products, including devices in the …

November 9, 2021

Tracking asset ownership with tags

Asset discovery is our bread-and-butter at Rumble, allowing us to surface network-connected systems and devices to our users. Once you have an asset inventory, you can track asset ownership with Rumble, which allows you to identify assets that have been orphaned and are no …

October 28, 2021

Finding PAX point-of-sale devices

PAX Technologies, a China-based company that manufactures a LOT of point-of-sale (POS) terminal devices, has been in the news this week following an FBI raid of a PAX Florida facility. While the FBI didn’t officially confirm much beyond serving a court-authorized …

October 25, 2021

Finding Cisco devices running IOS XE

Cisco recently disclosed a command execution vulnerability that affects some versions of IOS XE SD-WAN software running on Cisco routing devices and virtual instances. With a CVSSv3 score of 7.8, this vulnerability (assigned CVE-2021-1529) is due to inadequate input …
