June 7, 2024 at 10:39AM A new PHP RCE vulnerability, CVE-2024-4577, impacts Windows PHP versions since 5.x. With a patch released, updating large-scale deployments poses challenges, leaving systems vulnerable. Exploiting ‘Best-Fit’ encoding on Windows, it bypasses prior protections. Mitigations include upgrading to patched versions, applying mod_rewrite rules, or migrating from CGI to FastCGI, PHP-FPM, or … Read more
May 21, 2024 at 01:54PM Infosec researchers have flagged a critical vulnerability (CVE-2024-4323) in Fluent Bit, a widely used logging component. Tenable discovered the flaw, potentially leading to denial of service, information leakage, and remote code execution. The issue affects versions 2.0.7 through 3.0.3 and may compromise the security of major cloud providers and blue … Read more
April 5, 2024 at 01:47PM Approximately 16,500 Ivanti Connect Secure and Poly Secure gateways are vulnerable to remote code execution flaw CVE-2024-21894, exposing them to potential denial of service and unauthenticated user exploitation. This high-severity vulnerability has seen significant exposure worldwide, including state-sponsored threat actors and widespread exploitation, making it crucial for system administrators to … Read more
January 29, 2024 at 05:07PM Security researchers discovered about 45,000 vulnerable Jenkins instances online, susceptible to CVE-2023-23897, a critical flaw allowing remote code execution. The issue originates from an automatic file reading feature, potentially leading to arbitrary command execution. There are multiple public PoC exploits available, posing a significant threat to unpatched Jenkins servers globally. … Read more
December 15, 2023 at 06:42AM Threat actors are exploiting a critical remote code execution flaw in internet-accessible Apache Struts 2 instances. Tracked as CVE-2023-50164, the bug allows attackers to manipulate file upload parameters and upload malicious files, resulting in RCE. Despite widespread exploitation attempts, scaling the attack is challenging. Users of affected Struts versions are … Read more
October 26, 2023 at 02:57PM Open source data integration platform Mirth Connect has a remote code execution vulnerability, according to cybersecurity firm Horizon3.ai. The vulnerability, tracked as CVE-2023-43208, bypasses a critical-severity flaw disclosed earlier and affects all Mirth Connect installations. A patch has been released, but the cybersecurity firm warns that the vulnerability is easily … Read more
October 25, 2023 at 03:40PM VMware has advised customers to update their vCenter Servers due to a critical flaw that could result in remote code execution. The flaw, assigned a high severity score of 9.8, allows for an out-of-bounds write vulnerability in the DCERPC protocol. It is considered a serious threat to the confidentiality, integrity, … Read more