Rhino Security Labs

Strategic & Technical Blog

Multiple CVEs in Infoblox NetMRI: RCE, Auth Bypass, SQLi, and File Read Vulnerabilities  

David Yesland
June 4, 2025

While performing research on Infoblox’s NetMRI network automation and configuration management solution, we discovered 6 vulnerabilities in version 7.5.4.104695 of the NetMRI virtual appliance. These ranged from unauthenticated…

CVE-2025-26147: Authenticated RCE In Denodo Scheduler 

CVE-2024-55963: Unauthenticated RCE in Default-Install of Appsmith

CVE-2025-0693: AWS IAM User Enumeration

Nate Wilson

Username enumeration vulnerabilities can allow attackers to identify valid users, which is the first step in many attacks. During a recent pentest, we discovered two username enumeration vulnerabilities in the AWS Web Console. These…