January 27, 2022
Finding Linux instances vulnerable to PwnKit
News dropped this week around a memory corruption vulnerability with a broad reach across many Linux distributions, including Ubuntu, Debian, Mint, RHEL, Fedora, CentOS, Oracle, Arch, and SUSE. Having been present-but-unseen for over 12 years now, CVE-2021-4034 (with a …
Read More
January 26, 2022
Finding Control Web Panel (CWP) instances
Rumble Network Discovery is now runZero! Security researcher Paulos Yibelo shared findings this week on two new vulnerabilities within the popular Control Web Panel (formerly CentOS Web Panel) web hosting management software. Both CVE-2021-45466 (a file write vulnerability) …
Read More
January 14, 2022
Ringing in 2022 with vulns, more vulns, and CISA guidance
Rumble Network Discovery is now runZero! Wrapping up 2021 and kicking off 2022, there were no shortages of vulnerabilities, vendor security advisories, patches, and active exploitations. Oh, did we mention, even more vulnerabilities and more patches? To ring in 2022 …
Read More
December 10, 2021
Finding applications that use Log4J
Last updated on April 26, 2021 at 08:00 CST (-0600) runZero can help you build an up-to-date asset inventory and search for assets that may be affected by Log4J vulnerabilities, such as Log4shell. runZero is not a vulnerability scanner, but you can share runZero’s …
Read More
December 8, 2021
Finding Grafana instances
A zero-day vulnerability for Grafana, a popular analytics and visualization software, was leaked this week. This vulnerability provides attackers a path traversal attack vector that can result in data disclosure, resulting in access to files containing confidential …
Read More
December 3, 2021
Finding HP printers and MFPs vulnerable to Printing Shellz
Do you have HP printers and multi-function printers (MFPs)? You might want to look at the two recently published vulnerabilities that affect 150+ models. Named “Printing Shellz” by the F-Secure security researchers who reported them, these vulns have been around …
Read More
November 10, 2021
Finding Nucleus TCP/IP assets with accessible FTP services
Researchers at Forescout recently published findings on a new set of 13 vulnerabilities with the Nucleus RTOS TCP/IP stack, collectively referred to as NUCLEUS:13. Originally released in 1993, Nucleus is found in many different types of products, including devices in the …
Read More
October 28, 2021
Finding PAX point-of-sale devices
PAX Technologies, a China-based company that manufactures a LOT of point-of-sale (POS) terminal devices, has been in the news this week following an FBI raid of a PAX Florida facility. While the FBI didn’t officially confirm much beyond serving a court-authorized …
Read More
October 25, 2021
Finding Cisco devices running IOS XE
Cisco recently disclosed a command execution vulnerability that affects some versions of IOS XE SD-WAN software running on Cisco routing devices and virtual instances. With a CVSSv3 score of 7.8, this vulnerability (assigned CVE-2021-1529) is due to inadequate input …
Read More
October 5, 2021
Finding Apache HTTP Server instances
Rumble Network Discovery is now runZero! Update: The 2.4.50 fix was incomplete and we strongly recommend upgrading to 2.4.51 or newer. The Apache Software Foundation recently announced a path traversal vulnerability present in version 2.4.49 of the Apache HTTP Server …
Read More