Security News > 2024 > November > Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers
2024-11-27 16:05
A critical security flaw impacting the ProjectSend open-source file-sharing application has likely come under active exploitation in the wild, according to findings from VulnCheck. The vulnerability, originally patched over a year-and-a-half ago as part of a commit pushed in May 2023 , was not officially made available until August 2024 with the release of version r1720. As of November 26, 2024,
News URL
https://thehackernews.com/2024/11/critical-flaw-in-projectsend-under.html
Related news
- CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability (source)
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)
- CISA confirms critical Cleo bug exploitation in ransomware attacks (source)
- New critical Apache Struts flaw exploited to find vulnerable servers (source)
- Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected (source)
- Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation (source)