Over 50,000 Tinyproxy servers vulnerable to critical RCE flaw
May 7, 2024 at 01:13PM Nearly 52,000 vulnerable Tinyproxy instances exposed to CVE-2023-49606, a critical remote code execution flaw. Cisco Talos disclosed the use-after-free vulnerability in December 2023, affecting versions 1.11.1 and 1.10.0. After receiving no response from developers, Cisco reported detailed information and proof-of-concept exploits. On Sunday, Tinyproxy released a fix to prevent exploitation, … Read more