7 min
Vulnerability Disclosure
CVE-2025-48045, CVE-2025-48046, CVE-2025-48047: MICI NetFax Server Product Vulnerabilities (NOT FIXED)
Over a penetration testing engagement, Rapid7 discovered 3 vulnerabilities in MICI Network Co., Ltd’s NetFax server allowing for an authenticated attack chain resulting in Remote Code Execution (RCE) against the device as the root user.
4 min
Penetration Testing
Keys to the Kingdom - Gaining access to the Physical Facility through Internal Access
This is a story of network segmentation and the impact that seemingly trivial misconfigurations can have for your organization.