Rhino Security Labs

Research and Vulnerability Disclosures

Security research and development is key to quality penetration testing, and the core of our identity. With our pentesting services targeted at sophisticated attack capabilities, we're constantly pushing to identify new flaws in customer infrastructure and applications. From AWS security research and reversing web applications to adding to our suite of proprietary attack tools, we're relentless in pushing the envelope. By developing these unique capabilities, we do more than just grow the sophistication of our services - we support the security community as a whole.

Tool Development and Research

AWS Security Research

To identify and demonstrate the risks in AWS cloud hosting, Rhino Security Labs developed a series of tools for blackbox testing of AWS environments.

Tools and techniques for targeting S3 buckets are demonstrated in this article.

Cloud Security Bypass Tools

With clients often leveraging cloud security tools, our research has included these platforms.

This cloud security bypass tool ("CFire") identifies misconfigurations in Cloudflare, allowing attackers to target the server directly.

Full List of Vulnerability Disclosures

CVE-2021-38112: AWS WorkSpaces Remote Code Execution

CVE-2021-21514: Dell OpenManage Server Administrator Arbitrary File Read

CVE-2020-5377: Dell OpenManage Server Administrator Arbitrary File Read

CVE-2020-13405: MicroWeber Unauthenticated User Database Disclosure

CVE-2019-9926: LabKey Server CSRF

CVE-2019-9758: LabKey Server Stored XSS

CVE-2019-9757: LabKey Server XXE

CVE‑2019‑5678: Command Injection in NVIDIA GeForce Experience Web Helper

CVE-2019-5674: NVIDIA Arbitrary File Writes to Command Execution

CVE-2018-8024: Apache Spark XSS vulnerability in UI

CVE-2018-5758: XXE in Jive-n

CVE-2018-5757: Authenticated RCE in AudioCodes 450HD Phone

CVE-2018-20621: MEmu Android Emulator Local Privilege Escalation

CVE-2018-1000110 - Jenkins Information Disclosure to Unauthenticated Users

CVE-2017-12861 - Epson Authentication Bruteforce Vulnerability

CVE-2017-12860 - Epson Hard-Coded Credentials Vulnerability

CVE-2017-7284 - Unitrends Enterprise Backup Privilege Escalation in users.php File

CVE-2017-7283 - Unitrends Enterprise Backup Remote Code Execution in restore.php File

CVE-2017-7282 - Unitrends Enterprise Backup Local File Inclusion

CVE-2017-7281 - Unitrends Enterprise Backup Remote Code Execution in reports.php File

CVE-2017-7280 - Unitrends Enterprise Backup Remote Code Execution in systems.php File

CVE-2017-7279 - Unitrends Enterprise Backup Privilege Escalation in Token Cookie

CVE-2016-9463 - NextCloud/ownCloud SMB User Authentication Bypass

CVE-2016-8972 - IBM AIX Bellmail Privilege Escalation Vulnerability

CVE-2016-6079 - IBM AIX lquerylv Local Privilege Escalation Vulnerability

CVE-2016-3053 - IBM AIX lmscode Local Privilege Escalation Vulnerability

Get a Quote

Complete the request form and a highly-technical, experienced security consultant will reach out to discuss your needs. We create customized quotes tailored to fit your unique environment.

The more details you can provide about your security needs, the better.

We'll respond to your message within 24 hours.