query

October 5, 2021

Finding Apache HTTP Server instances

Update: The 2.4.50 fix was incomplete and we strongly recommend upgrading to 2.4.51 or newer. The Apache Software Foundation recently announced a path traversal vulnerability present in version 2.4.49 of the Apache HTTP Server software. Due to insufficient coverage of …

Read More

September 21, 2021

Finding Hikvision IP cameras and recorders on your network

Newly published security research from Watchful IP reveals an unauthenticated code execution vulnerability (assigned CVE-2021-36260) present in many Hikvision networked video devices. With a “critical” CVSS score of 9.8, this vulnerability affects a long list of Hikvision …

Read More

September 17, 2021

Finding Azure Linux VMs running OMI services

Details on vulnerabilities present in some Azure Linux VMs, collectively referred to as “OMIGOD”, came to light this week via published research by the cloud security folks at Wiz.io. These vulnerabilities are found in the Open Management Infrastructure software that …

Read More

September 9, 2021

Finding Confluence servers with Rumble

The U.S. Cyber Command recently reported “mass exploitation” of a code execution vulnerability in Atlassian’s popular Confluence software (CVE-2021-26084). This vulnerability has a CVSS Base score of 9.8 (considered “critical”), requires no authentication for exploitation, …

Read More

August 25, 2021

Finding Fortinet web application firewall devices with Rumble

Recently published security research from Rapid7 provides details on an OS command injection vulnerability in Fortinet’s web application firewall (WAF) product line known as FortiWeb. This vulnerability exists in the FortiWeb management interface (versions 6.3.11 and prior) …

Read More

July 15, 2021

How to find SolarWinds Serv-U systems on your network

Microsoft recently notified SolarWinds that they had discovered a remote code execution vulnerability in Serv-U Managed File Transfer and Serv-U Secure FTP. The vulnerability being exploited is CVE-2021-35211 and only exists when SSH is enabled in Serv-U environments. …

Read More

May 4, 2021

How to find Exim mail servers on your network

In their security advisory for 21Nails, the Qualys Research team communicated their discovery of several critical vulnerabilities in Exim mail servers that can be exploited for unauthenticated code execution and root privileges. Recently, maintainers of the Exim mail server …

Read More

March 31, 2021

How to find Ubiquiti devices on your network

Earlier this year, Ubiquiti, a popular networking equipment manufacturer for businesses and consumers, disclosed a security breach that potentially exposed customer data. However, recent news indicates that the reported breach was intentionally and severely underreported, …

Read More