February 2026 Product Notes: New Test Catalogue & API Scanning experience
Security is often a game of “you don’t know what you don’t know.” At Detectify, we focus on removing that uncertainty. Whether it’s reaching 922 …
Detectify security updates for 7 March
Detectify
For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up-to-date with new findings, features and improvements sourced from our security researchers and Crowdsource ethical hacker community. Due to confidentially agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users. This post highlights a few things that we have improved in the last two weeks.
The following are some of the security vulnerabilities reported by Detectify Crowdsource ethical hackers. We added these tests to the Detectify scanner tool on 7 March.
CVE-2019-1003000: Jenkins RCE
Orange Tsai has written a excellent blog post about the vulnerability: https://devco.re/blog/2019/02/19/hacking-Jenkins-part2-abusing-meta-programming-for-unauthenticated-RCE-en/
CVE-2019-7238: Nexus Repository Manager RCE
Nexus Repository Manager 3.6.2 OSS/Pro versions up to and including 3.14.0 are affected by a pre-authenticated code injection vulnerability.
More information can be found at in the advisory: https://chybeta.github.io/2019/02/18/Nexus-Repository-Manager-3-RCE-%E5%88%86%E6%9E%90-%E3%80%90CVE-2019-7238%E3%80%91/
CVE-2017-16877: Next.js Path Traversal
Next.js is a web framework for server-rendered React applications. It includes a NodeJS server which allows to render HTML pages dynamically. Recently an Arbitrary File Reading vulnerability was discovered in Next.js by security researcher Arseny Reutov.
More information could be found here.
Apache Airflow Exposure
By default, all gates are opened. An easy way to restrict access to the web application is to do it at the network level, or by using SSH tunnels.
Airflow has by default no authorization. It is common for this to be exposed on the internet without someone having added authorization.
Craft CMS Full Path Disclosure
It is possible to configure the web server running Craft CMS which results in the path the CMS is installed in being exposed.
Craft CMS Log Disclosure
It is possible to configure the web server running Craft CMS which results in error logs containing technical information being exposed.
FastCGI Test Page Exposure
There is a test page that reflects all set cookies. If this could be chained with XSS it would be possible to bypass HttpOnly-flags.
Check out more content
Introducing Protocol Discovery to stop guessing what’s behind your open ports
Most tools will just tell you that a port is open. We’ve decided that’s not enough. TLDR: We’ve launched Protocol Discovery, a custom-built engine designed …
