#SystemPatch – Xynik

SolarWinds fixes hardcoded credentials flaw in Web Help Desk

August 22, 2024 by Xynik

August 22, 2024 at 11:07AM SolarWinds has issued a hotfix addressing a critical Web Help Desk vulnerability. This vulnerability could enable unauthorized access to unpatched systems by exploiting hardcoded credentials. Based on the meeting notes, it’s important to highlight that SolarWinds has released a hotfix to address a critical vulnerability in the Web Help Desk. … Read more

Hackers target Apache RocketMQ servers vulnerable to RCE attacks

January 5, 2024 by Xynik

January 5, 2024 at 12:38PM Security researchers have identified critical vulnerabilities, CVE-2023-33246 and CVE-2023-37582, in Apache RocketMQ. Despite an initial patch, these vulnerabilities remain active, impacting the NameServer component in RocketMQ version 5.1 and older. Attackers can exploit these flaws to execute commands and should upgrade to version 5.1.2/4.9.7 or higher to prevent attacks. ShadowServer … Read more