query

September 9, 2021

Finding Confluence servers with Rumble

The U.S. Cyber Command recently reported “mass exploitation” of a code execution vulnerability in Atlassian’s popular Confluence software (CVE-2021-26084). This vulnerability has a CVSS Base score of 9.8 (considered “critical”), requires no authentication for exploitation, …

Read More

August 25, 2021

Finding Fortinet web application firewall devices with Rumble

Recently published security research from Rapid7 provides details on an OS command injection vulnerability in Fortinet’s web application firewall (WAF) product line known as FortiWeb. This vulnerability exists in the FortiWeb management interface (versions 6.3.11 and prior) …

Read More

July 15, 2021

How to find SolarWinds Serv-U systems on your network

Microsoft recently notified SolarWinds that they had discovered a remote code execution vulnerability in Serv-U Managed File Transfer and Serv-U Secure FTP. The vulnerability being exploited is CVE-2021-35211 and only exists when SSH is enabled in Serv-U environments. …

Read More

May 4, 2021

How to find Exim mail servers on your network

In their security advisory for 21Nails, the Qualys Research team communicated their discovery of several critical vulnerabilities in Exim mail servers that can be exploited for unauthenticated code execution and root privileges. Recently, maintainers of the Exim mail server …

Read More

March 31, 2021

How to find Ubiquiti devices on your network

Earlier this year, Ubiquiti, a popular networking equipment manufacturer for businesses and consumers, disclosed a security breach that potentially exposed customer data. However, recent news indicates that the reported breach was intentionally and severely underreported, …

Read More