Stephen Fewer
@stephenfewer
Principal Security Researcher @rapid7. Decompiler @relyze. Core @metasploit dev 2009 - 2013. MSRC Top 100 2015. Pwn2Own 2011, 2021, 2024.
Ireland
Joined March 2009
Great analysis from @the_emmons on the recent SonicWall VPN auth bypass. Hijacking an active client SSL VPN connection is wild. Check out the analysis of CVE-2024-53704 here...
The Rapid7 ETR team just published an analysis of CVE-2024-53704, a SonicWall VPN authentication bypass that was announced earlier this month. Check it out!
RT @steventseeley: Very impressive work from @SinSinology, it just goes to show what determination and skill combined can achieve 😎
I observed that new checks were added to the code path for the rsh technique, which prevented an unregistered FortiGate device being able to trigger the issue. I did not test if a registered device could still leverage the feature, but perhaps this is possible, AFAIK the rsh feature itself was not removed.
@MCKSysAr @0cdefender0 @watchtowrcyber Thanks! Will Dormann mentioned something similar (. I didn't come across this against my VM of 22.7r2.4. I wonder what the difference is in setups/versions or maybe my Ruby install 🤔
@fullspectrumdev @WatchTowr Yup that would work. Unfortunately the target web server process doesn't fork on a new client connection, so you have to make your attempts in serial, but as you say, that doesn't affect targeting many targets in parallel.
We now have a @metasploit RCE exploit module in the pull queue for CVE-2024-55956 - an unauthenticated file write vulnerability affecting Cleo LexiCom, VLTrader, and Harmony which was exploited in the wild last month as 0day:
Fantastic opportunity to join the @rapid7 vuln research team in a manager role🚀
Rapid7's vulnerability research team is hiring a manager in Dublin, IE to run external CVD, shepherd new 0day research, and lead a small team of exceptionally skilled folks who are uncovering new forms of risk:
RT @metasploit: Our annual wrap-up is here with all of the hotness from 2024! The deepest of thanks to our 62 contributors from last year,…
RT @starlabs_sg: 🎄 All I Want for Christmas is a CVE-2024-30085 Exploit 🎄 As always, we at @starlabs_sg are sharing what we learnt. This ti…
RT @catc0n: Rapid7 analysis of Apache #Struts2 CVE-2024-53677 below via @the_emmons. Very similar to Struts CVE-2023-50164 — payloads have…
RT @FuzzySec: I have posted the slides for the talk @chompie1337 and I gave this past weekend at @h2hconference -> The Kernel Hacker’s Guid…
We have published our @rapid7 analysis of the new Cleo vuln, now known as CVE-2024-55956. An unauthenticated file write affecting LexiCom, VLTrader, and Harmony versions 5.8.0.23 and below, that can be leveraged to achieve unauth RCE. Full analysis here: