Patch your Ivanti EPM asap. My pre-auth RCE got fixed and exploitation is straightforward.

hop skip jump over to our latest blog post - analysing Fortinet's FortiJump CVE-2024-47575, FortiJump-Higher (we love this name😄) and beyond (PoC included) labs.watchtowr.com/hop-skip-forti…

...and we now have a Metasploit Project exploit module in the pull queue for the FortiManager vuln (CVE-2024-47575): github.com/rapid7/metaspl…

Palo Alto Networks patches two firewall zero-days used in attacks - Sergiu Gatlan bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

in today's 'no way, is it real?' we found out that Palo Alto's PAN-OS CVE-2024-0012 and CVE-2024-9474 were the equivalents of saying 'turn off auth and give me a shell'. Enjoy! labs.watchtowr.com/pots-and-pans-…

We now have a Metasploit Project exploit module in the pull queue for the PAN-OS management interface unauthenticated RCE exploit chain (CVE-2024-0012 + CVE-2024-9474), based upon the technical analysis published today by watchTowr. github.com/rapid7/metaspl…

RCE Yes :)

Here is a quick NMAP script to check for CVE-2024-0012. github.com/RootUp/Persona… #infosec

if you cant handle me at my 10 comments on your PR you dont deserve me at my LGTM

Earlier this year, Assetnote's Security Research team discovered a vulnerability in Sitecore XP (CVE-2024-46938) that can lead to pre-authentication RCE. Order of operations bugs are one of my favorite types of bugs :) Write up and exploit script here: assetnote.io/resources/rese…

Today, VulnCheck released new research revealing that 99% of ProjectSend instances are still vulnerable to a critical vulnerability that has been publicly known for over a year. More on how attackers are exploiting this vulnerability here: vulncheck.com/blog/projectse…

wvu Sure you can read about all the details below insinuator.net/2024/11/vulner…

The first in a three-part series detailing my team's work in decrypting and analyzing SonicWall firewall firmware 🔥🧱 bishopfox.com/blog/sonicwall…

New whitepaper from Stephen Fewer on a five-bug chain he used to get unauthenticated RCE on the Lorex 2K Indoor Wi-Fi Security Camera 📸🐚 rapid7.com/globalassets/_…

Today Rapid7 is disclosing the vulnerabilities from our exploit chain targeting the Lorex 2K Indoor Wi-Fi Security Camera, which we entered at this year's Pwn2Own Ireland. A 2 phase exploit, built upon 5 vulnerabilities - phase 1 is an auth bypass, whilst phase 2 is RCE. Read

You knew it was coming… Cleo Harmony, VLTrader, and LexiCom - RCE via Arbitrary File Write (CVE-2024-50623) labs.watchtowr.com/cleo-cve-2024-…

This is your yearly reminder that this repo exists github.com/vulhub/vulhub if you ever needed a environment for that CVE poc to run on, its a life saver! 🫶Thank you vulhub for sharing this resource with the community. Also thank you The Haag™ for showing it to me!

VulnCheck’s latest research shows exploitation of Four-Faith industrial routers in the wild. VulnCheck assigned this issue CVE-2024-12856 and wrote a Suricata rule to detect it on the wire. Read the full report: vulncheck.com/blog/four-fait…

And a video demonstrating exploitation: youtube.com/watch?v=JaFKvq…