Security News > 2024 > November > Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers
2024-11-27 16:05
A critical security flaw impacting the ProjectSend open-source file-sharing application has likely come under active exploitation in the wild, according to findings from VulnCheck. The vulnerability, originally patched over a year-and-a-half ago as part of a commit pushed in May 2023 , was not officially made available until August 2024 with the release of version r1720. As of November 26, 2024,
News URL
https://thehackernews.com/2024/11/critical-flaw-in-projectsend-under.html
Related news
- New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking (source)
- Critical AMI MegaRAC bug can let attackers hijack, brick servers (source)
- Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability (source)
- Critical flaws fixed in Nagios Log Server (source)
- Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised (source)
- Critical Langflow Flaw Added to CISA KEV List Amid Ongoing Exploitation Evidence (source)
- Critical Langflow RCE flaw exploited to hack AI app servers (source)
- Apache Parquet exploit tool detect servers vulnerable to critical flaw (source)