Security company Rapid7 has found multiple security flaws in Osram’s Lightify remote-controlled lighting system. “Practical exploitation effects ranging from the accidental disclosure of sensitive network configuration information, to persistent cross-site scripting [XSS] on the web management console, to operational command execution on the devices themselves without authentication,” said Rapid7, whose lead researcher Deral Heiland discovered the …