ProjectSend Vulnerability Exploited in the Wild

November 27, 2024 at 06:23AM VulnCheck warns that threat actors are exploiting a severe vulnerability (CVE-2024-11680) in unpatched ProjectSend servers, allowing remote unauthorized access. Despite a patch released in May 2023, most servers remain unupdated, with 55% still vulnerable, leading to widespread exploitation and potential webshell installations. ### Meeting Takeaways: 1. **Vulnerability Overview**: – The … Read more