Rapid7 has disclosed two vulnerabilities as outlined below.
- The first vulnerability is a cross-site scripting vulnerability the team discovered in ManageEngine OpUtils, an enterprise switch port and IP address management system. This vulnerability allows a malicious actor to conduct attacks which can be used to modify the systems configuration, compromise data, take control of the product or launch attacks against the authenticated user’s hosts system.
- The second vulnerability deals with serial servers exposed on the internet, which are manufactured by Moxa. In 2013, Rapid7 reported about serial servers connected to the internet and security implications. The same issues that were reported then are also applicable for these devices – the team found a lack of authentication and encryption on these devices, which makes it possible for attackers to eavesdrop on the communication.
Please also see blog posts below detailing the vulnerabilities.