Security News > 2019 > September > [Unpatched] Critical 0-Day RCE Exploit for vBulletin Forum Disclosed Publicly
2019-09-24 19:04
An anonymous hacker today publicly revealed details and proof-of-concept exploit code for an unpatched, critical zero-day remote code execution vulnerability in vBulletin—one of the widely used internet forum software. One of the reasons why the vulnerability should be viewed as a severe issue is not just because it is remotely exploitable, but also doesn't require authentication. Written in
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/2eQZcPcBiUI/vbulletin-zero-day-exploit.html
Related news
- Exploit released for critical WhatsUp Gold RCE flaw, patch now (source)
- PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) (source)
- Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices (source)
- HPE warns of critical RCE flaws in Aruba Networking access points (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)
- Critical 9.8-rated VMware vCenter RCE bug exploited after patch fumble (source)
- China-linked group abuses Fortinet 0-day with post-exploit VPN-credential stealer (source)
- 1000s of Palo Alto Networks firewalls hijacked as miscreants exploit critical hole (source)