Security News > 2019 > September > [Unpatched] Critical 0-Day RCE Exploit for vBulletin Forum Disclosed Publicly
![[Unpatched] Critical 0-Day RCE Exploit for vBulletin Forum Disclosed Publicly](/static/build/img/news/alt/cyber-threat-stats-medium.jpg)
2019-09-24 19:04
An anonymous hacker today publicly revealed details and proof-of-concept exploit code for an unpatched, critical zero-day remote code execution vulnerability in vBulletin—one of the widely used internet forum software. One of the reasons why the vulnerability should be viewed as a severe issue is not just because it is remotely exploitable, but also doesn't require authentication. Written in
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/2eQZcPcBiUI/vbulletin-zero-day-exploit.html
Related news
- Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now (source)
- Critical Erlang/OTP SSH RCE bug now has public exploits, patch now (source)
- ⚡ Weekly Recap: Windows 0-Day, VPN Exploits, Weaponized AI, Hijacked Antivirus and More (source)
- Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability (source)
- PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433) (source)
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) (source)
- Craft CMS RCE exploit chain used in zero-day attacks to steal data (source)
- Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised (source)
- ⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More (source)
- Critical Langflow RCE flaw exploited to hack AI app servers (source)