Customer Portal
Connect with Support
Need help? We’ve got you covered. Sign in to the Customer Portal for our top recommended help articles, and to connect with our awesome Support Team.
Create and manage your cases with ease and get routed to the right product specialist.
Having trouble logging in?
- Create your account
- Reset your password via the "Need help signing in" link on the Sign In page.
- Customer Portal FAQs
Customer Support Guidebook
Learn how the Rapid7 Customer Support team can support you and your organization
Help & Docs
Self-Service Help
Training & Certifications
Be awesome at everything you do -- get trained by Rapid7 experts and take your security skills to the next level.
Learn moreConsulting Services
Need a hand with your security program? From planning and strategy to full-service support, our Rapid7 experts have you covered.
- Penetration Testing Services
- Managed Services for Vulnerability Management
- Managed Detection and Response Solution
- IoT Security Services
Read What’s New on the Rapid7 Blog
Metasploit Weekly Wrap-Up 07/26/2024
New module content (3)
Magento XXE Unserialize Arbitrary File Read
Authors: Heyder and Sergey Temnikov
Type: Auxiliary
Pull request: #19304 [https://github.com/rapid7/metasploit-framework/pull/19304]
contributed by heyder [https://github.com/heyder]
Path: gather/magento_xxe_cve_2024_34102
AttackerKB reference: CVE-2024-34102
[https://attackerkb.com/search?q=CVE-2024-34102&referrer=blog]
Description: This adds an auxiliary module for an XXE which results in an
arbitrary file in Magento which is
Key Takeaways From The Take Command Summit:Command Your Cloud
The Cloud security landscape is constantly changing. During the "Command Your Cloud" session at the Rapid7 Take Command Summit, industry experts Ryan Blanchard, Jeffrey Gardner and Devin Krugly shared vital strategies for staying ahead of that constant change.
CVE-2024-6922: Automation Anywhere Automation 360 Server-Side Request Forgery
Automation 360 Robotic Process Automation suite v21-v32 is vulnerable to unauthenticated Server-Side Request Forgery (SSRF).
Visit the Customer Portal
File a case, view your open cases, get in touch.