Security News > 2019 > September > [Unpatched] Critical 0-Day RCE Exploit for vBulletin Forum Disclosed Publicly
![[Unpatched] Critical 0-Day RCE Exploit for vBulletin Forum Disclosed Publicly](/static/build/img/news/alt/cyber-threat-stats-medium.jpg)
2019-09-24 19:04
An anonymous hacker today publicly revealed details and proof-of-concept exploit code for an unpatched, critical zero-day remote code execution vulnerability in vBulletin—one of the widely used internet forum software. One of the reasons why the vulnerability should be viewed as a severe issue is not just because it is remotely exploitable, but also doesn't require authentication. Written in
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/2eQZcPcBiUI/vbulletin-zero-day-exploit.html
Related news
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks (source)
- Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation (source)
- Hackers exploit critical unpatched flaw in Zyxel CPE devices (source)
- Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits (source)
- Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)