Posts by Jake Baines

Rapid7 Discovered Vulnerabilities in Cisco ASA, ASDM, and FirePOWER Services Software

Vulnerabilities and Exploits

Jake Baines

QNAP Poisoned XML Command Injection (Silently Patched)

Exposure Management

Jake Baines

CVE-2022-30526 (Fixed): Zyxel Firewall Local Privilege Escalation

Vulnerabilities and Exploits

Jake Baines

CVE-2022-31749: WatchGuard Authenticated Arbitrary File Read/Write (Fixed)

Exposure Management

Jake Baines

CVE-2022-22977: VMware Guest Authentication Service LPE (FIXED)

Exposure Management

Jake Baines

CVE-2022-22972: Critical Authentication Bypass in VMware Workspace ONE Access, Identity Manager, and vRealize Automation

Exposure Management

Jake Baines

CVE-2022-30525 (FIXED): Zyxel Firewall Unauthenticated Remote Command Injection

Vulnerabilities and Exploits

Jake Baines

Opportunistic Exploitation of WSO2 CVE-2022-29464

Exposure Management

Jake Baines

CVE-2022-28810: ManageEngine ADSelfService Plus Authenticated Command Execution (Fixed)

Exposure Management

Jake Baines

CVE-2022-24527: Microsoft Connected Cache Local Privilege Escalation (Fixed)

Exposure Management

Jake Baines

CVE-2021-4191: GitLab GraphQL API User Enumeration (FIXED)

Threat Research

Jake Baines

Dropping Files on a Domain Controller Using CVE-2021-43893

Exposure Management

Jake Baines

CVE-2021-20038..42: SonicWall SMA 100 Multiple Vulnerabilities (FIXED)

Exposure Management

Jake Baines

Driver-Based Attacks: Past and Present

Vulnerabilities and Exploits

Jake Baines

GitLab Unauthenticated Remote Code Execution CVE-2021-22205 Exploited in the Wild

Exposure Management

Jake Baines