Recent SSRF Flaw in Ivanti VPN Products Undergoes Mass Exploitation
February 6, 2024 at 03:15AM A server-side request forgery (SSRF) vulnerability in Ivanti products is being widely exploited, leading to mass attacks from over 170 unique IP addresses. The exploit allows unauthorized access to restricted resources. Security firm Rapid7 released a proof-of-concept exploit, and outdated open-source components in Ivanti VPN appliances pose further security risks. … Read more