Security News > 2024 > April > Maximum severity Flowmon bug has a public exploit, patch now
2024-04-24 20:08
Proof-of-concept exploit code has been released for a top-severity security vulnerability in Progress Flowmon, a tool for monitoring network performance and visibility.
The security issue has the maximum severity score of 10/10 and was discovered by researchers at Rhino Security Labs.
An attacker can exploiting the vulnerability can use a specially crafted API request to gain remote, unauthenticated access to the Flowmon web interface and execute arbitrary system commands.
The number of Flowmon instances exposed on the public web appears to vary greatly depending on the search engine.
Exploit released for Fortinet RCE bug used in attacks, patch now.
Exploit available for new critical TeamCity auth bypass bug, patch now.