Security News > 2024 > December > PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files
2024-12-06 06:01
Still unpatched 100+ days later, watchTowr says A zero-day arbitrary file read vulnerability in Mitel MiCollab can be chained with a now-patched critical bug in the same platform to give attackers access to sensitive files on vulnerable instances. …
News URL
https://go.theregister.com/feed/www.theregister.com/2024/12/06/mitel_micollab_0day/
Related news
- Mitel MiCollab zero-day and PoC exploit unveiled (source)
- China-linked group abuses Fortinet 0-day with post-exploit VPN-credential stealer (source)
- PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) (source)
- Mitel MiCollab zero-day flaw gets proof-of-concept exploit (source)
- Researchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and macOS (source)
- 390,000+ WordPress Credentials Stolen via Malicious GitHub Repository Hosting PoC Exploits (source)