Posts by Tod Beardsley

7 min Vulnerability Disclosure

CVE-2023-0391: MGT-COMMERCE CloudPanel Shared Certificate Vulnerability and Weak Installation Procedures

Rapid7 has discovered three security concerns in CloudPanel from MGT-COMMERCE, a self-hosted web administration solution.

4 min Vulnerability Disclosure

Microsoft Defender for Cloud Management Port Exposure Confusion

Microsoft Defender for Cloud, until recently, didn't distinguish "" as a synonym for "any" when checking for management port exposures for Azure instances.

2 min Research

A Deep Dive into Reversing CODESYS

This white paper offers a technical deep dive into PLC protocols and how to safely scan CODESYS-based ICS networking stacks.

13 min Vulnerability Disclosure

Multiple DMS XSS (CVE-2022-47412 through CVE-20222-47419)

Rapid7 has discovered, and is now disclosing, eight XSS issues affecting four on-premises document management systems. As of this disclosure, none have patches available.

5 min Vulnerability Disclosure

Refreshing Rapid7's Coordinated Vulnerability Disclosure Policy

Rapid7 has updated its coordinated vulnerability disclosure (CVD) policy and philosophy. In this article, you'll learn what prompted the changes.

4 min Vulnerability Disclosure

Cengage LTI Session Management Leakage

Cengage, an education technology provider in use in many higher education environments primarily in the United States, had two issues in the way it handled session management over its Learning Tools Integration (LTI) pipeline.

3 min Vulnerability Disclosure

CVE-2022-4261: Rapid7 Nexpose Update Validation Issue (FIXED)

Nexpose version 6.6.172 fixes an issue with how Nexpose validates update packages, CVE-2022-4261.

3 min Research

New Research: We’re Still Terrible at Passwords; Making it Easy for Attackers

We look at two of the most popular protocols used for remote administration, SSH and RDP, to get a sense of how attackers are taking advantage of weaker password management to gain access to systems.

2 min Research

25 Years of Nmap: Happy Scan-iversary!

On September 1, 1997, the open-source security scanner Nmap was released. Our Director of Research Tod Beardsley reflects on the 25th anniversary.

8 min Vulnerability Disclosure

Primary Arms PII Disclosure via IDOR (FIXED)

Primary Arms, a popular e-commerce site dealing in firearms and related merchandise, suffers from an insecure direct object reference (IDOR) vulnerability.

5 min Vulnerability Disclosure

CVE-2021-3779: Ruby-MySQL Gem Client File Read (FIXED)

The ruby-mysql Ruby gem prior to version 2.10.0 maintained by Tomita Masahiro is vulnerable to an instance of CWE-610.

4 min Vulnerability Management

The Hidden Harm of Silent Patches

Silent patches limit who understands how to exploit a vulnerability, which sounds like a great plan — but there's a catch.

7 min Vulnerability Disclosure

CVE-2022-1026: Kyocera Net View Address Book Exposure

Rapid7 researcher Aaron Herndon has discovered that several models of Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information.

6 min Vulnerability Disclosure

CVE-2021-3546[78]: Akkadian Console Server Vulnerabilities (FIXED)

Rapid7 researchers discovered that the Akkadian Console version 4.7, a call manager solution, is affected by two vulnerabilities.

4 min Vulnerability Disclosure

CVE-2021-3927[67]: Fortress S03 WiFi Home Security System Vulnerabilities

Rapid7 researcher Arvind Vishwakarma discovered multiple vulnerabilities in the Fortress S03 WiFi Home Security System.