Security News > 2019 > September > [Unpatched] Critical 0-Day RCE Exploit for vBulletin Forum Disclosed Publicly
![[Unpatched] Critical 0-Day RCE Exploit for vBulletin Forum Disclosed Publicly](/static/build/img/news/alt/cyber-threat-stats-medium.jpg)
2019-09-24 19:04
An anonymous hacker today publicly revealed details and proof-of-concept exploit code for an unpatched, critical zero-day remote code execution vulnerability in vBulletin—one of the widely used internet forum software. One of the reasons why the vulnerability should be viewed as a severe issue is not just because it is remotely exploitable, but also doesn't require authentication. Written in
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/2eQZcPcBiUI/vbulletin-zero-day-exploit.html
Related news
- Mitel 0-day, 5-year-old Oracle RCE bug under active exploit (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Apache issues patches for critical Struts 2 RCE bug (source)
- Critical security hole in Apache Struts under exploit (source)
- Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits (source)
- Adobe warns of critical ColdFusion bug with PoC exploit code (source)
- Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection (source)
- Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks (source)
- Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation (source)
- Hackers exploit critical unpatched flaw in Zyxel CPE devices (source)