Customer Portal
Connect with Support
Need help? We’ve got you covered. Sign in to the Customer Portal for our top recommended help articles, and to connect with our awesome Support Team.
Create and manage your cases with ease and get routed to the right product specialist.
Having trouble logging in?
- Create your account
- Reset your password via the "Need help signing in" link on the Sign In page.
- Customer Portal FAQs
Customer Support Guidebook
Learn how the Rapid7 Customer Support team can support you and your organization
Help & Docs
Self-Service Help
Training & Certifications
Be awesome at everything you do -- get trained by Rapid7 experts and take your security skills to the next level.
Learn moreConsulting Services
Need a hand with your security program? From planning and strategy to full-service support, our Rapid7 experts have you covered.
- Penetration Testing Services
- Managed Services for Vulnerability Management
- Managed Detection and Response Solution
- IoT Security Services
Read What’s New on the Rapid7 Blog
Metasploit Weekly Wrap-Up 06/28/2024
Unauthenticated Command Injection in Netis Router
This week's Metasploit release includes an exploit module for an unauthenticated
command injection vulnerability in the Netis MW5360 router which is being
tracked as CVE-2024-22729. The vulnerability stems from improper handling of the
password parameter within the router's web interface which allows for command
injection. Fortunately for attackers, the router's login page authorization can
be bypassed by simply deleting the authorization header,
Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz
The following Rapid7 analysts contributed to this research: Leo Gutierrez, Tyler
McGraw, Sarah Lee, and Thomas Elkins.
Executive Summary
On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious
activity in a customer environment. Our investigation identified that the
suspicious behavior was emanating from the installation of Notezilla, a program
that allows for the creation of sticky notes on a Windows desktop. Installers
for Notezilla, along with tools called RecentX and
Takeaways From The Take Command Summit: Unprecedented Threat Landscape
The Rapid7 Take Command summit unveiled crucial findings from the 2024 Attack Intelligence Report, offering invaluable insights for cybersecurity professionals navigating today's complex threat landscape.
Visit the Customer Portal
File a case, view your open cases, get in touch.