We are ERNW - SecTools

Share our vision of secure soft- and hardware

Fill 4

Our Mission

ERNW Sectools will provide tools that will make IT environments a safer place. We are engineering our knowledge, experience and expertise into new security tools and we will ensure, that our tools will be designed and developed in a secure manner, so they won’t become a weak link in customer environments.


Services

  • service-installation Created with Sketch.

    Installation

    As part of our product support service our professionals can support or take over the complete installation and integration of our products into customer environments. They are familiar with big enterprise networks and the corresponding technology. Please contact us for more details.

  • service-customizing Created with Sketch.

    Customizing

    Our products come with a rich feature set of functionality and reports, but we also offer customizing of our products like adding additional features, more reports, integration into SSO environments or whatever needs customizing. We are here to make it work, so do not hesitate to ask us, if you have special requirements.


Newsletter sign up

Get the latest news about technical topics within the IT-Security Community and a lot of special insights. Sign up now for our Newsletter at ernw.de:

Latest ERNW SecTools News

November 27, 2024

Vulnerability Disclosure: Command Injection in Kemp LoadMaster Load Balancer (CVE-2024-7591)

While conducting security research, I identified a critical vulnerability in Kemp’s LoadMaster Load Balancer. This vulnerability is a Command Injection and allows full system compromise. It requires no authentication and can be exploited remotely by having access to the Web User Interface (WUI). Kemp found that all LoadMaster versions up to and including version 7.2.60.0 […]

November 22, 2024

Vulnerability Disclosure: Authentication Bypass in Vaultwarden versions < 1.32.5 - CVE-2024-55225

During a penetration test for a customer, we briefly assessed Vaultwarden, an open-source online password safe. In June 2024, the German Federal Office for Information Security (BSI) published results1 of a static and dynamic test of the Vaultwarden server component. Therefore, only a partial source code audit was performed during our assessment. However, a quick […]

September 09, 2024

Announcement: Progress / Kemp LoadMaster CVE-2024-7591

Hey everybody, during a recent Red Teaming engagement Marius Walter from ERNW found a command injection issue in Progress (Kemp) LoadMaster. It was registered as CVE-2024-7591 and scores a CVSS of 10.0. The vendor already has patches out, make sure to apply them as this is a high severe issue. You can find the official […]

More on More ERNW SecTools related articles on our company blog